Add Invalid Digest Value

tus · Jun 27, 2024 · 4b65e13 · 4b65e13
1 parent 1bb6272
commit 4b65e13
Showing 1 changed file with 37 additions and 0 deletions.
diff --git a/draft-kleidl-digest-fields-problem-types.md b/draft-kleidl-digest-fields-problem-types.md
@@ -31,6 +31,7 @@ author:
 normative:
   DIGEST: RFC9530
   PROBLEM: RFC9457
+  STRUCTURED-FIELDS: RFC8941
 
 informative:
 
@@ -94,6 +95,28 @@ Content-Type: application/problem+json
 }
 ~~~
 
+If the sender receives this problem type, it SHOULD retry the request while picking another hashing algorithm. If the response includes an array of supported algorithms, it SHOULD choose one of them.
+
+## Invalid Digest Value
+
+This section defines the `https://iana.org/assignments/http-problem-types#invalid-digest-value` problem type {{PROBLEM}}. A resource MAY use this problem type in a response to a request, whose integrity fields include a digest value, that cannot be generated by the corresponding hashing algorithm. For example, if the digest value of the `sha-512` hashing algorithm is not 64 bytes long, it cannot be a valid digest value and the resource can skip computing the digest value.
+
+The resource SHOULD a human-readable description why the value is considered invalid in the `title` member.
+
+The following example shows a response for a request with an invalid digest value.
+
+~~~ http-message
+HTTP/1.1 400 Bad Request
+Content-Type: application/problem+json
+
+{
+  "type": "https://iana.org/assignments/http-problem-types#invalid-digest-value",
+  "title": "digest value for sha-512 is not 64 bytes long"
+}
+~~~
+
+If the sender receives this problem type, it SHOULD NOT retry the request without modification. Such an error is likely rooted in a fault in the sender's computation or encoding of the digest value.
+
 # Security Considerations
 
 Although an error appeared while handling the digest fields, the resource may choose to not disclose this error to the sender to avoid lacking implementation details. Similar, the resource may choose a general problem type for the response even in a more specific problem type is defined if it prefers to hide the details of the error from the sender.
@@ -114,6 +137,20 @@ Recommended HTTP status code:
 Reference:
 : This document
 
+IANA is asked to register the following entry in the "HTTP Problem Types" registry:
+
+Type URI:
+: https://iana.org/assignments/http-problem-types#invalid-digest-value
+
+Title:
+: Invalid Digest Value
+
+Recommended HTTP status code:
+: 400
+
+Reference:
+: This document
+
 --- back
 
 # Acknowledgments