Hi, I'm @msporny, primary author of the HTTP Signatures specification at IETF for many years now. You've implemented some variation of that specification.

I need your help to move that specification towards a global standard at IETF. Hearing from implementers, such as you, is a big part of determining if the work toward a global standard should proceed. The IETF HTTP Working Group is determining whether the work should proceed right now. This is very good news, because the European Banking API community, W3C DID Working Group, W3C Credentials Community Group and other standards setting organizations depend on implementations standardizing on a way to do HTTP Signatures.

The deadline for noting your support is Jan 31st 2020 (in ~10 days).

Here's where you can make a difference...

Here is the IETF HTTP WG Call for Adoption:

https://lists.w3.org/Archives/Public/ietf-http-wg/2020JanMar/0002.html

To note your support of the specification:

1. Go here and click "subscribe to this list": https://lists.w3.org/Archives/Public/ietf-http-wg/
2. Verify your subscription by checking your email and clicking on the link that is mailed to you.
3. Go here and click "respond to this message": https://lists.w3.org/Archives/Public/ietf-http-wg/2020JanMar/0002.html
4. Write an email stating:
   4.1 That you support the adoption of the draft.
   4.2 Why you support the adoption of the draft.
   4.3 How you plan to make use the specification, either directly, or indirectly (via someone else's software).
5. Set up an email filter to put all mail sent to ietf-http-wg@w3.org into its own folder. The mailing list averages ~350 emails/month. You can also leave the mailing list immediately after sending the email above if that amount of email traffic is unacceptable to you.

For an example of the type of email you could write, see this:

https://lists.w3.org/Archives/Public/ietf-http-wg/2020JanMar/0018.html

Thanks a ton for supporting the specification through your implementation. I hope you consider helping us take the specification across the goal line by voicing your support in the IETF HTTP Working Group!

@msporny thanks for your leadership pushing the draft forward. I maintain this library part-time and sometimes have to put off responding until I have an unbroken chunk of time to re-establish context.

I see the latest draft is now at https://tools.ietf.org/html/draft-richanna-http-message-signatures-00. Is there anything I can do to support it?

Looking at the mailing list, it looks like the draft was adopted as an IETF standards-track draft for HTTP2 thanks to @richanna's efforts, right?

https://tools.ietf.org/html/draft-ietf-httpbis-message-signatures

That's great news. I'm going to work toward full compliance with this latest draft.

@msporny thanks for the work that you and the team have put into the draft. With the latest draft released, I have updated the implementation in this library so it now supports the full scope of draft-ietf-httpbis-message-signatures-09.