HTTP Message Signature
- Created
- 2023-08-18
- Last Updated
- 2024-09-19
- Available Formats
-
XML
HTML
Plain text
Registries included below
- HTTP Signature Algorithms
- HTTP Signature Metadata Parameters
- HTTP Signature Derived Component Names
- HTTP Signature Component Parameters
HTTP Signature Algorithms
- Registration Procedure(s)
-
Specification Required
- Expert(s)
-
Justin Richer, Manu Sporny
- Reference
- [RFC9421]
- Available Formats
-
CSV
| Algorithm Name | Description | Status | Reference |
|---|---|---|---|
| rsa-pss-sha512 | RSASSA-PSS using SHA-512 | Active | [RFC 9421, Section 3.3.1] |
| rsa-v1_5-sha256 | RSASSA-PKCS1-v1_5 using SHA-256 | Active | [RFC 9421, Section 3.3.2] |
| hmac-sha256 | HMAC using SHA-256 | Active | [RFC 9421, Section 3.3.3] |
| ecdsa-p256-sha256 | ECDSA using curve P-256 DSS and SHA-256 | Active | [RFC 9421, Section 3.3.4] |
| ecdsa-p384-sha384 | ECDSA using curve P-384 DSS and SHA-384 | Active | [RFC 9421, Section 3.3.5] |
| ed25519 | EdDSA using curve edwards25519 | Active | [RFC 9421, Section 3.3.6] |
HTTP Signature Metadata Parameters
- Registration Procedure(s)
-
Expert Review
- Expert(s)
-
Justin Richer, Manu Sporny
- Reference
- [RFC9421]
- Available Formats
-
CSV
| Name | Description | Reference |
|---|---|---|
| alg | Explicitly declared signature algorithm | [RFC 9421, Section 2.3] |
| created | Timestamp of signature creation | [RFC 9421, Section 2.3] |
| expires | Timestamp of proposed signature expiration | [RFC 9421, Section 2.3] |
| keyid | Key identifier for the signing and verification keys used to create this signature | [RFC 9421, Section 2.3] |
| nonce | A single-use nonce value | [RFC 9421, Section 2.3] |
| tag | An application-specific tag for a signature | [RFC 9421, Section 2.3] |
HTTP Signature Derived Component Names
- Registration Procedure(s)
-
Expert Review
- Expert(s)
-
Justin Richer, Manu Sporny
- Reference
- [RFC9421]
- Available Formats
-
CSV
| Name | Description | Status | Target | Reference |
|---|---|---|---|---|
| @signature-params | Reserved for signature parameters line in signature base | Active | Request, Response | [RFC 9421, Section 2.3] |
| @method | The HTTP request method | Active | Request | [RFC 9421, Section 2.2.1] |
| @authority | The HTTP authority, or target host | Active | Request | [RFC 9421, Section 2.2.3] |
| @scheme | The URI scheme of the request URI | Active | Request | [RFC 9421, Section 2.2.4] |
| @target-uri | The full target URI of the request | Active | Request | [RFC 9421, Section 2.2.2] |
| @request-target | The request target of the request | Active | Request | [RFC 9421, Section 2.2.5] |
| @path | The full path of the request URI | Active | Request | [RFC 9421, Section 2.2.6] |
| @query | The full query of the request URI | Active | Request | [RFC 9421, Section 2.2.7] |
| @query-param | A single named query parameter | Active | Request | [RFC 9421, Section 2.2.8] |
| @status | The status code of the response | Active | Response | [RFC 9421, Section 2.2.9] |
HTTP Signature Component Parameters
- Registration Procedure(s)
-
Expert Review
- Expert(s)
-
Justin Richer, Manu Sporny
- Reference
- [RFC9421]
- Available Formats
-
CSV
| Name | Description | Reference |
|---|---|---|
| sf | Strict Structured Field serialization | [RFC 9421, Section 2.1.1] |
| key | Single key value of Dictionary Structured Fields | [RFC 9421, Section 2.1.2] |
| bs | Byte Sequence wrapping indicator | [RFC 9421, Section 2.1.3] |
| tr | Trailer | [RFC 9421, Section 2.1.4] |
| req | Related request indicator | [RFC 9421, Section 2.4] |
| name | Single named query parameter | [RFC 9421, Section 2.2.8] |