Add header extension member

Acconut · Acconut · commit 1d19824b6382 · 2025-04-25T11:18:46.000+02:00
diff --git a/draft-ietf-httpapi-digest-fields-problem-types.md b/draft-ietf-httpapi-digest-fields-problem-types.md
@@ -71,7 +71,8 @@ Want-Content-Digest: sha-512=3, sha-256=10
   "type": "https://iana.org/assignments/http-problem-types#\
     digest-unsupported-algorithm",
   "title": "hashing algorithm is not supported",
-  "unsupported-algorithm": "foo"
+  "unsupported-algorithm": "foo",
+  "header": "Wand-Content-Digest"
 }
 ~~~
 
@@ -98,14 +99,15 @@ A server MAY use this problem type if it wants to communicate to the client that
 one of the hashing algorithms referenced in the integrity or integrity preference fields present in the request
 is not supported.
 
-For this problem type, `unsupported-algorithm` is defined as the only extension member.
-It SHOULD be populated in a response using this problem type, with its value being the algorithm key of the unsupported algorithm from the request.
+Two problem type extension members are defined, which SHOULD be populated for all responses using this problem type:
+
+- The `unsupported-algorithm` extension member identifies the unsupported algorithm from the request. Its value is the corresponding algorithm key.
+- The `header` extension member as defined in {{identifying-problem-causing-headers}}.
+
 The response can include the corresponding integrity preference field to indicate the server's algorithm support and preference.
 
 This problem type is a hint to the client about algorithm support, which the client could use to retry the request with a different, supported, algorithm.
 
-Note that a request may contain more than one integrity fields or integrity preference fields.
-
 Example:
 
 ~~~ http-message
@@ -131,7 +133,8 @@ Want-Repr-Digest: sha-512=10, sha-256=0
   "type": "https://iana.org/assignments/http-problem-types#\
     digest-unsupported-algorithm",
   "title": "Unsupported hashing algorithm",
-  "unsupported-algorithm": "sha-256"
+  "unsupported-algorithm": "sha-256",
+  "header": "Repr-Digest"
 }
 ~~~
 {: title="Response indicating the problem and advertising the supported algorithms"}
@@ -156,7 +159,8 @@ Content-Type: application/problem+json
   "type": "https://iana.org/assignments/http-problem-types#\
     digest-unsupported-algorithm",
   "title": "Unsupported hashing algorithm",
-  "unsupported-algorithm": "sha"
+  "unsupported-algorithm": "sha",
+  "header": "Want-Repr-Digest"
 }
 ~~~
 {: title="Response indicating the problem and advertising the supported algorithms"}
@@ -165,6 +169,10 @@ Content-Type: application/problem+json
 
 This section defines the "https://iana.org/assignments/http-problem-types#digest-invalid-value" problem type. A server MAY use this problem type when responding to a request, whose integrity fields include a digest value, that cannot be generated by the corresponding hashing algorithm. For example, if the digest value of the `sha-512` hashing algorithm is not 64 bytes long, it cannot be a valid SHA-512 digest value and the server can skip computing the digest value. This problem type MUST NOT be used if the server is not able to parse the integrity fields according to {{Section 4.5 of STRUCTURED-FIELDS}}, for example because of a syntax error in the field value.
 
+One problem type extension member is defined, which SHOULD be populated for all responses using this problem type:
+
+- The `header` extension member as defined in {{identifying-problem-causing-headers}}.
+
 The server SHOULD include a human-readable description why the value is considered invalid in the `title` member.
 
 This problem type indicates a fault in the sender's calculation or encoding of the digest value. A retry of the same request without modification will likely not yield a successful response.
@@ -190,7 +198,8 @@ Content-Type: application/problem+json
 {
   "type": "https://iana.org/assignments/http-problem-types#\
     digest-invalid-value",
-  "title": "digest value for sha-512 is not 64 bytes long"
+  "title": "digest value for sha-512 is not 64 bytes long",
+  "header": "Repr-Digest"
 }
 ~~~
 {: title="Response indicating that the provided digest is too short"}
@@ -199,7 +208,12 @@ Content-Type: application/problem+json
 
 This section defines the "https://iana.org/assignments/http-problem-types#digest-mismatching-value" problem type. A server MAY use this problem type when responding to a request, whose integrity fields include a digest value that does not match the digest value that the server calculated for the request content or representation.
 
-Two problem type extension members are defined: the `algorithm` and `provided-digest` members. A response using this problem type SHOULD populate all members, with the value of `algorithm` being the algorithm key of the used hashing algorithm and the value of `provided-digest` being the digest value taken from the request's integrity fields. The digest value is serialized as a byte sequence as described in {{Section 4.1.8 of STRUCTURED-FIELDS}}.
+
+Three problem type extension members are defined, which SHOULD be populated for all responses using this problem type:
+
+- The `algorithm` extension member is the algorithm key of the used hashing algorithm.
+- The `provided-digest` extension member is the digest value taken from the request's integrity fields. The digest value is serialized as a byte sequence as described in {{Section 4.1.8 of STRUCTURED-FIELDS}}.
+- The `header` extension member as defined in {{identifying-problem-causing-headers}}.
 
 The problem type intentionally does not include the digest value calculated by the server to avoid attackers abusing this information for oracle attacks.
 
@@ -228,11 +242,18 @@ Content-Type: application/problem+json
     digest-mismatching-value",
   "title": "digest value from request does not match expected value",
   "algorithm": "sha-256",
-  "provided-digest": ":RK/0qy18MlBSVnWgjwz6lZEWjP/lF5HF9bvEF8FabDg=:"
+  "provided-digest": ":RK/0qy18MlBSVnWgjwz6lZEWjP/lF5HF9bvEF8FabDg=:",
+  "header": "Repr-Digest"
 }
 ~~~
 {: title="Response indicating the mismatching digests"}
 
+# Identifying Problem Causing Headers
+
+Requests can include multiple integrity or integrity preference fields. For example, they may use the `Content-Digest` and `Repr-Digest` fields simultaneously or express preferences for content and representation digests at the same time. To aid troubleshooting, it's useful to identify the header field, whose value caused the problem detailed in the response. For this reason, the `header` extension member is defined, which SHOULD be populated for all responses using the problem types defined in this document.
+
+The `header` extension member's value is the header field name that caused the problem. Since HTTP header field names are case-insensitive and not all HTTP versions preserve their casing, the casing of extension member's value might not match the request header field name's casing.
+
 # Security Considerations
 
 Disclosing error details could leak information
