Skip to main content

Signing HTTP Messages

Document Type Replaced Internet-Draft (candidate for httpbis WG)
Expired & archived
Authors Annabelle Backman , Justin Richer , Manu Sporny
Last updated 2020-01-08 (Latest revision 2019-12-12)
Replaced by draft-ietf-httpbis-message-signatures
RFC stream Internet Engineering Task Force (IETF)
Intended RFC status (None)
Additional resources Mailing list discussion
Stream WG state Call For Adoption By WG Issued
Document shepherd (None)
IESG IESG state Replaced by draft-ietf-httpbis-message-signatures
Consensus boilerplate Unknown
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


This document describes a mechanism for creating, encoding, and verifying digital signatures or message authentication codes over content within an HTTP message. This mechanism supports use cases where the full HTTP message may not be known to the signer, and where the message may be transformed (e.g., by intermediaries) before reaching the verifier.


Annabelle Backman
Justin Richer
Manu Sporny

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)