Technical Summary
Most HTTP authentication schemes are probeable in the sense that it
is possible for an unauthenticated client to probe whether an origin
serves resources that require authentication. It is possible for an
origin to hide the fact that it requires authentication by not
generating Unauthorized status codes, however that only works with
non-cryptographic authentication schemes: cryptographic signatures
require a fresh nonce to be signed. At the time of writing, there
was no existing way for the origin to share such a nonce without
exposing the fact that it serves resources that require
authentication. This document proposes a new non-probeable
cryptographic authentication scheme.
Working Group Summary
This document received reviews and input from a wide range of WG participants,
and reached broad agreement.
There was no particularly rough consensus points. The main change that occurred
since adoption was a change in the title and framing of the document to not
be considered a generic "signature" authentication, but to be "concealed"
authentication.
Document Quality
This authentication scheme works closely with TLS; members of the TLS working
group are generally quite involved in HTTP, so we had review from the experts
in this area as part of WGLC.
Interop between two separate implementations was validated and reported to the
WG mailing list in January 2024. There may be more since then.
Personnel
The Document Shepherd for this document is Tommy Pauly. The Responsible
Area Director is Francesca Palombini.