5.1. The Accept-Signature Field

The Accept-Signature field is a Dictionary Structured Field (defined in Section 3.2 of [STRUCTURED-FIELDS]) containing the metadata for one or more requested message signatures to be generated from message components of the target HTTP message. Each member describes a single message signature. The member's key is the label that uniquely identifies the requested message signature within the context of the target HTTP message.

The member's value is the serialization of the desired covered components of the target message, including any allowed component metadata parameters, using the serialization process defined in Section 2.3:

NOTE: '\' line wrapping per RFC 8792

Accept-Signature: sig1=("@method" "@target-uri" "@authority" \
  "content-digest" "cache-control");\
  keyid="test-key-rsa-pss";created;tag="app-123"

The list of component identifiers indicates the exact set of component identifiers to be included in the requested signature, including all applicable component parameters.

The signature request MAY include signature metadata parameters that indicate desired behavior for the signer. The following behavior is defined by this specification:

created: The signer is requested to generate and include a creation time. This parameter has no associated value when sent as a signature request.

expires: The signer is requested to generate and include an expiration time. This parameter has no associated value when sent as a signature request.

nonce: The signer is requested to include the value of this parameter as the signature nonce in the target signature.

alg: The signer is requested to use the indicated signature algorithm from the "HTTP Signature Algorithms" registry to create the target signature.

keyid: The signer is requested to use the indicated key material to create the target signature.

tag: The signer is requested to include the value of this parameter as the signature tag in the target signature.
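
The following sketch is an added example, not text or code from the specification: it parses an Accept-Signature value and maps each requested parameter to what a signer would emit, following the behavior listed above. The function names, the regex parser (which covers only the subset of Structured Fields needed here) and the key and algorithm allowlists are assumptions of this example.

```python
import re
import time

# Constructed sample: the Accept-Signature value from Section 5.1, unwrapped.
SAMPLE = ('sig1=("@method" "@target-uri" "@authority" "content-digest" '
          '"cache-control");keyid="test-key-rsa-pss";created;tag="app-123"')

KEY = r'[a-z*][a-z0-9_.*-]*'
STR = r'"(?:[^"\\]|\\["\\])*"'
PARAM = rf';\s*{KEY}(?:=(?:{STR}|[^;,\s)]+))?'
ITEM = rf'{STR}(?:{PARAM})*'
MEMBER = re.compile(rf'\s*({KEY})=\(\s*((?:{ITEM}\s*)*)\)((?:{PARAM})*)\s*(?:,|$)')
PARAM_RE = re.compile(rf';\s*({KEY})(?:=({STR}|[^;,\s)]+))?')


def parse_accept_signature(value):
    """Return {label: (component identifiers, requested parameters)}."""
    requests, pos = {}, 0
    while pos < len(value):
        m = MEMBER.match(value, pos)
        if not m:
            raise ValueError(f"malformed member at offset {pos}")
        label, items, params = m.groups()
        requested = {}
        for name, raw in PARAM_RE.findall(params):
            # Bare parameter -> True; quoted string -> unescaped text.
            requested[name] = (re.sub(r'\\(.)', r'\1', raw[1:-1])
                               if raw.startswith('"') else raw or True)
        # Component identifiers stay serialized, component parameters included.
        requests[label] = (re.findall(ITEM, items), requested)
        pos = m.end()
    return requests


def signer_params(requested, allowed_keys, allowed_algs, now=None, ttl=300):
    """Map requested parameters to the values the signer will emit."""
    now = int(time.time()) if now is None else now
    policy = {"keyid": allowed_keys, "alg": allowed_algs}  # assumed local policy
    out = {}
    for name, val in requested.items():
        if name in ("created", "expires"):
            if val is not True:  # a request carries these without a value
                raise ValueError(f"{name} must be sent without a value")
            out[name] = now if name == "created" else now + ttl
        elif name in ("nonce", "tag"):
            out[name] = val  # value supplied by the requester
        elif name in policy:
            if val not in policy[name]:
                raise PermissionError(f"{name}={val!r} not permitted")
            out[name] = val
        else:  # not listed in Section 5.1: this example refuses it
            raise ValueError(f"unhandled parameter {name!r}")
    return out
```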