w3c-ccg http-signatures issues

w3c-ccg / http-signatures

Signing HTTP Messages specification

https://w3c-dvcg.github.io/http-signatures/

Other

34 stars 9 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

IPv6 over Networks of Resource-constrained Nodes (6lo)

#116 techoo8 closed 3 weeks ago
0
Example RSA Key in the draft is not FIPS compliant

#114 kinosang opened 3 years ago
1
A.3.2.1. Minimal Required Signature Header seems wrong

#113 kinosang opened 3 years ago
0
Archiving this repository?

#112 ioggstream opened 3 years ago
6
Status of the Authorization header

#111 kislyuk opened 4 years ago
0
Inconsistencies relating to "(created)" pseudo-header

#110 Diggsey opened 4 years ago
0
Test RSA key is only 1024 bit, not 2048 bit as it says

#109 Diggsey opened 4 years ago
2
`algorithm` parameter does not make sense

#108 Diggsey opened 4 years ago
2
ECDSA signature encoding, binary IEEE P.1363 or ASN.1

#107 sebastien-rosset opened 4 years ago
0
Proposal to add (response-code) special header

#106 rinne opened 4 years ago
1
Inconsistent use of \n in examples

#105 rinne opened 4 years ago
0
Wrong reference in section 3.1. "Authorization Header"

#104 sebastien-rosset opened 4 years ago
1
Inconsistent use of space character in section C Test Values

#103 sebastien-rosset opened 4 years ago
0
Typo in sections 3.1.2, 3.1.3, 4.1.1 and 4.1.2, RSA and HMAC examples

#102 sebastien-rosset opened 4 years ago
0
Small typo in section 2.1.5

#101 sebastien-rosset opened 4 years ago
0
Reformat list of recommendations in section E.2

#100 sebastien-rosset opened 4 years ago
0
HTTP signature scheme in the IANA Authentication Scheme Registry

#99 sebastien-rosset opened 4 years ago
0
Discussion: relations with alt-svc

#98 ioggstream opened 4 years ago
0
Stance on using Query String instead of Header

#97 JCapriotti opened 4 years ago
3
HTTP-Signatures discussed at IETF106

#96 bblfish opened 4 years ago
3
Delimit Signature Header Parameters With Semi-colon

#95 bdenton opened 4 years ago
0
Algorithm signature parameter is too complex

#94 msporny opened 4 years ago
0
:path pseudo header encoding

#93 msporny opened 4 years ago
3
HTTP Signatures for Solid

#92 bblfish opened 4 years ago
6
Project stance on signatures incorporating external data

#91 liamdennehy closed 4 years ago
3
Project stance on signature & parameter negotiation

#90 liamdennehy closed 4 years ago
1
Project stance on multiple header instances

#89 liamdennehy closed 4 years ago
2
Project stance on backwards compatibility

#88 liamdennehy opened 4 years ago
0
Project Principles, Readme & Contributing

#87 liamdennehy opened 4 years ago
1
Building

#86 liamdennehy closed 4 years ago
0
Implementation should throw if it would overwrite an Existing Authorization or Signature Header.

#85 aljones15 opened 4 years ago
7
Forbid referring to zero-length header values.

#84 aljones15 closed 4 years ago
3
Clarify signing escaped/encoded :path parameter in signing string

#83 liamdennehy opened 4 years ago
0
Forbid "(request-target)" in response signature

#82 liamdennehy opened 4 years ago
3
Proposal to Drop Normative Statements the depend on HTTP Message Parser behavior.

#81 aljones15 closed 4 years ago
1
Consider removing the `headers` field to the `Signed-Headers` header field.

#80 ioggstream opened 4 years ago
5
Dis-entangle this spec from Digest

#79 ioggstream opened 5 years ago
0
HMAC example is illustrated with headers, not *without*

#78 dunjut opened 5 years ago
1
Signing string should include keyId and algorithm (if present) via pseudo headers

#77 dlongley opened 5 years ago
3
Fix: #75. Reference representation data, not message body.

#76 ioggstream opened 5 years ago
0
Digest acts on the representation-data, not the message body

#75 ioggstream opened 5 years ago
0
Add code for generating example signatures

#74 ioggstream opened 5 years ago
1
Add sample code for generate examples.

#73 ioggstream opened 5 years ago
0
Sign content-type when digest is used. #36

#72 ioggstream opened 5 years ago
10
PROPOSAL: move index.xml to index.md

#71 ioggstream closed 4 years ago
2
Fix: #67. Forbid zero-length Signature.headers.

#70 ioggstream closed 5 years ago
2
Fix #68: missing lines in signature string example.

#69 ioggstream opened 5 years ago
2
Missing pseudo headers in draft version #11 examples

#68 hrobache opened 5 years ago
0
Forbid empty `headers` parameter as it's subject to replay attacks.

#67 ioggstream closed 5 years ago
8
created and expires should be signed if present

#66 ioggstream opened 5 years ago
1