TOC 
Network Working GroupA. Bryan
Internet-DraftOctober 15, 2009
Intended status: Informational 
Expires: April 18, 2010 


Additional Hash Algorithms for HTTP Instance Digests
draft-bryan-http-digest-algorithm-values-update-02

Status of this Memo

This Internet-Draft is submitted to IETF in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as “work in progress.”

The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt.

The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html.

This Internet-Draft will expire on April 18, 2010.

Copyright Notice

Copyright (c) 2009 IETF Trust and the persons identified as the document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents in effect on the date of publication of this document (http://trustee.ietf.org/license-info). Please review these documents carefully, as they describe your rights and restrictions with respect to this document.

Abstract

[RFC3230] (Mogul, J. and A. Van Hoff, “Instance Digests in HTTP,” January 2002.) created the IANA registry named "Hypertext Transfer Protocol (HTTP) Digest Algorithm Values" which defines values for digest algorithms used in HTTP. This draft adds new values to the registry and updates previous values.



Table of Contents

1.  Introduction
    1.1.  Examples
2.  IANA Considerations
    2.1.  Previous Registrations Updated
    2.2.  New Registrations
3.  Security Considerations
4.  Changes compared to RFC3230
5.  Normative References
Appendix A.  Acknowledgements and Contributors
Appendix B.  Document History (to be removed by RFC Editor before publication)
§  Author's Address




 TOC 

1.  Introduction

The IANA registry named "Hypertext Transfer Protocol (HTTP) Digest Algorithm Values" defines values for digest algorithms used in HTTP.

Note: This is unrelated to HTTP Digest Authentication.

The registry was created by [RFC3230] (Mogul, J. and A. Van Hoff, “Instance Digests in HTTP,” January 2002.) in 2002. This draft adds new values to the registry and updates previous values which had redundant or outdated references.

[[ Discussion of this draft should take place on IETF HTTP WG mailing list at ietf-http-wg@w3.org or directly to the author. ]]



 TOC 

1.1.  Examples

Examples of Instance Digest for SHA-256:

Digest: SHA-256=MWVkMWQxYTRiMzk5MDQ0MzI3NGU5NDEyZTk5OWY1ZGFmNzgyZTJlO
DYzYjRjYzFhOTlmNTQwYzI2M2QwM2U2MQ==


 TOC 

2.  IANA Considerations

This document makes use of the IANA registry named "Hypertext Transfer Protocol (HTTP) Digest Algorithm Values" specified in [RFC3230] (Mogul, J. and A. Van Hoff, “Instance Digests in HTTP,” January 2002.).



 TOC 

2.1.  Previous Registrations Updated

Accordingly, IANA has updated the following registrations:

Digest Algorithm: MD5

Description: The MD5 algorithm, as specified in [RFC1321] (Rivest, R., “The MD5 Message-Digest Algorithm,” April 1992.). The output of this algorithm is encoded using the base64 encoding [RFC4648] (Josefsson, S., “The Base16, Base32, and Base64 Data Encodings,” October 2006.).

Reference: [RFC1321] (Rivest, R., “The MD5 Message-Digest Algorithm,” April 1992.) [RFC4648] (Josefsson, S., “The Base16, Base32, and Base64 Data Encodings,” October 2006.)

Digest Algorithm: SHA

Description: The SHA-1 algorithm [FIPS‑180‑3] (National Institute of Standards and Technology (NIST), “Secure Hash Standard (SHS),” October 2008.). The output of this algorithm is encoded using the base64 encoding [RFC4648] (Josefsson, S., “The Base16, Base32, and Base64 Data Encodings,” October 2006.).

Reference: [FIPS‑180‑3] (National Institute of Standards and Technology (NIST), “Secure Hash Standard (SHS),” October 2008.) [RFC4648] (Josefsson, S., “The Base16, Base32, and Base64 Data Encodings,” October 2006.)



 TOC 

2.2.  New Registrations

Accordingly, IANA has made the following registrations:

Digest Algorithm: SHA-256

Description: The SHA-256 algorithm [FIPS‑180‑3] (National Institute of Standards and Technology (NIST), “Secure Hash Standard (SHS),” October 2008.). The output of this algorithm is encoded using the base64 encoding [RFC4648] (Josefsson, S., “The Base16, Base32, and Base64 Data Encodings,” October 2006.).

Reference: [FIPS‑180‑3] (National Institute of Standards and Technology (NIST), “Secure Hash Standard (SHS),” October 2008.) [RFC4648] (Josefsson, S., “The Base16, Base32, and Base64 Data Encodings,” October 2006.)

Digest Algorithm: SHA-512

Description: The SHA-512 algorithm [FIPS‑180‑3] (National Institute of Standards and Technology (NIST), “Secure Hash Standard (SHS),” October 2008.). The output of this algorithm is encoded using the base64 encoding [RFC4648] (Josefsson, S., “The Base16, Base32, and Base64 Data Encodings,” October 2006.).

Reference: [FIPS‑180‑3] (National Institute of Standards and Technology (NIST), “Secure Hash Standard (SHS),” October 2008.) [RFC4648] (Josefsson, S., “The Base16, Base32, and Base64 Data Encodings,” October 2006.)



 TOC 

3.  Security Considerations

Same as [RFC3230] (Mogul, J. and A. Van Hoff, “Instance Digests in HTTP,” January 2002.).



 TOC 

4.  Changes compared to RFC3230

All previous values to the registry are still valid.

The reference for base64 encoding has been updated for both MD5 and SHA.

The reference for SHA has been updated.



 TOC 

5. Normative References

[FIPS-180-3] National Institute of Standards and Technology (NIST), “Secure Hash Standard (SHS),” FIPS PUB 180-3, October 2008.
[RFC1321] Rivest, R., “The MD5 Message-Digest Algorithm,” RFC 1321, April 1992.
[RFC3230] Mogul, J. and A. Van Hoff, “Instance Digests in HTTP,” RFC 3230, January 2002.
[RFC4648] Josefsson, S., “The Base16, Base32, and Base64 Data Encodings,” RFC 4648, October 2006.


 TOC 

Appendix A.  Acknowledgements and Contributors

Thanks to Mark Nottingham, Eran Hammer-Lahav, Nils Maier, Lisa Dusseault, Alfred Hoenes, and Pasi Eronen.



 TOC 

Appendix B.  Document History (to be removed by RFC Editor before publication)

[[ to be removed by the RFC editor before publication as an RFC. ]]

Known issues concerning this draft:

-02 : October 15, 2009.

-01 : October 07, 2009.

-00 : September 08, 2009.



 TOC 

Author's Address

  Anthony Bryan
  Pompano Beach, FL
  USA
Email:  anthonybryan@gmail.com
URI:  http://www.metalinker.org