We need to support signing of the HPKE config list returned by /hpke_configs.
We should support, minimally, ECDSA P-256 w/ SHA-256. This is OK as a starting point for implementation; we don't need to support a variety of signature schemes as long as we don't paint ourselves into a corner.
The signature should go into a new header that is included in the response to an /hpke_configs request. The header name should be "x-hpke-config-signature". The header value should be an unpadded-base64url-encoding of a DER-encoding of the signature.
We need to support signing of the HPKE config list returned by
/hpke_configs
.We should support, minimally, ECDSA P-256 w/ SHA-256. This is OK as a starting point for implementation; we don't need to support a variety of signature schemes as long as we don't paint ourselves into a corner.
The signature should go into a new header that is included in the response to an
/hpke_configs
request. The header name should be "x-hpke-config-signature". The header value should be an unpadded-base64url-encoding of a DER-encoding of the signature.See also https://github.com/cloudflare/daphne/pull/520.