IETF draft: Content-Digest and Want-Content-Digest

[da2x]

A heads up about draft-ietf-httpbis-digest-headers-06:

This document defines HTTP fields that support integrity checksums. The Digest field can be used for the integrity of HTTP representations.
The Content-Digest field can be used for the integrity of HTTP message content. Want-Digest and Want-Content-Digest can be used to indicate a sender's desire to receive integrity fields respectively.

It’s an IETF standardization effort of interest to IPFS integration efforts into web browsers. The standardized Content-Digest: cid=bafy.. response header could replace x-ipfs-path: /ipfs/bafy... The standardized Want-Content-Digest: cid request header could be used by clients to indicate they support IPFS.

[lidel]

Sounds like the draft you linked attempts to compliment/supersede actual RFCs:

• RFC6249: Metalink/HTTP: Mirrors and Hashes which we track in https://github.com/ipfs/in-web-browsers/issues/179
• RFC3230: Instance Digests in HTTP https://datatracker.ietf.org/doc/html/rfc3230

Given this one is still a draft, but introduces Content-Digest and Want-Content-Digest: header that offers new "protocol upgrade" possibilities, let's keep it open for now and see how it goes.

Obligatory note on Verifiable Gateway responses: The usual nuance here is that for bigger files, a CID is not a hash of a file, but the root of a DAG representing chunked data. This means one can't verify the hash without fetching additional metadata about the DAG somehow. Related reading: https://github.com/ipfs/in-web-browsers/issues/128

[lidel]

24 December 2022 update: https://httpwg.org/http-extensions/draft-ietf-httpbis-digest-headers.html

[autonome]

The digest bits still moving forward, latest update Feb 2024: https://datatracker.ietf.org/doc/html/rfc9530