a Secarta project ...

HTTPsec Authentication Protocol

[ View as one printable page ]

Preamble

1. Introduction
1.1. Editorial Conventions
1.2. Terms
1.3. Identifiers
2. Summary
2.1. Authentication Model
2.2. Peer Identifiers
2.3. Protocol Operation
2.3.1. Initialization
2.3.2. Continuation
3. Protocol Messages
3.1. Initialization Messages
3.1.1. Initialization Request
3.1.2. Initialization Response
3.2. Continuation Messages
3.2.1. Continuation Request
3.2.2. Continuation Response
3.3. Challenge Messages
3.3.1. Challenge Response
3.4. Message Flow
4. Protocol Directives
4.1. id
4.2. dh
4.3. certificate
4.4. url
4.5. group
4.6. nonce
4.7. auth
4.8. token
4.9. signature
4.10. count
4.11. mac
4.12. digest
5. Other Headers
5.1. Content-Encoding
5.2. Cache-Control
5.3. Expires
6. Protocol Computations
6.1. Algorithms
6.1.1. Hash Algorithm
6.1.2. Public Key Algorithm
6.1.3. Encryption Scheme
6.1.4. Signature Scheme
6.1.5. Block Cipher
6.1.6. Block Cipher Mode
6.2. Header Canonicalization
6.3. Initialization Transcript
6.4. Continuation Request Transcript
6.5. Continuation Response Transcript
6.6. Shared Secret
6.7. Keys
6.7.1. MAC Keys
6.7.2. Cipher Keys
6.8. Message Body Ciphering
7. Message Validation
7.1. Initialization Request Validation
7.2. Initialization Response Validation
7.3. Continuation Request Validation
7.4. Continuation Response Validation
8. Cache Considerations
9. Security Considerations
10. References
11. Editor Address

4.12. digest

The the optional digest directive in a continuation request or a continuation response is a hash digest of the message entity-body. It's role is to enable message entity-body authentication: its value is an input to the computation of the mac directive (via the appropriate message transcript). This directive SHOULD be present in any continuation message for which it is feasible to calculate a hash digest of the entity-body (including, trivially, all those with an empty entity-body).

The value of the digest directive is a hash of the entity-body, computed using the Hash Algorithm. The hash MUST be computed on the entity-body as manifest after all encodings declared in the Content-Encoding [HTTP][ 14.11] header (including the cipher encoding with the identifier "x-httpsec/1.0-cipher" defined in the Message Body Ciphering section) and before Transfer-Encoding [HTTP][ 14.41].

The absence of the digest directive implies that the message entity-body is not authenticated. This may be the case if the entity-body cannot be hashed for some reason by the message sender, for instance if it is a stream of indeterminate length.

The value of the digest directive MUST be base64 encoded. For empty message bodies, it is the following constant (being the Base64 representation of the hash of zero bytes):

47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=
© Secarta. All rights reserved.