Signing HTTP Messages

Document Type Replaced Internet-Draft (candidate for httpbis WG)
Authors Annabelle Backman  , Justin Richer  , Manu Sporny 
Last updated 2020-01-08 (latest revision 2019-12-12)
Replaced by draft-ietf-httpbis-message-signatures
Stream Internet Engineering Task Force (IETF)
Intended RFC status (None)
Expired & archived
plain text html xml htmlized pdfized bibtex
Stream WG state Call For Adoption By WG Issued
Document shepherd No shepherd assigned
IESG IESG state Replaced by draft-ietf-httpbis-message-signatures
Consensus Boilerplate Unknown
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This document describes a mechanism for creating, encoding, and verifying digital signatures or message authentication codes over content within an HTTP message. This mechanism supports use cases where the full HTTP message may not be known to the signer, and where the message may be transformed (e.g., by intermediaries) before reaching the verifier.


Annabelle Backman (
Justin Richer (
Manu Sporny (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)