Projects by
Thomas Greiner
greinr.com blog
web log
Proof-of-Concept Projects
subscribe
follow
flattr

HTTP Proposal: Integrity

The Integrity HTTP header is meant to give websites a way to direct returning visitors to a different location in case of an emergency. Such an emergency could have different causes (e.g. governmental interference leading to loss of domain name and/or server).

Goals

Future Research

Open Issues

Components

Graph

graph outlining HTTP Integrity process graph outlining HTTP Integrity process

Process

a) client navigates to website [A]

a1) client checks cache

b) client processes results

a1 > b1) client finds entry for [A] in cache
a1 > b2) client does not find entry for [A] in cache

c) client checks cache expiration

b1 > c1) cache entry is not expired
b1 > c2) cache entry is expired

d) client initiates Integrity

b2 > d1) client sends HTTP header Integrity-Version: 0.1
c2 > d2) client sends HTTP header Integrity-Version: 0.1

e) server [A] responds

d1 | d2 > e1) server sends HTTP code 200 with HTTP header Integrity-Location: <ordered, comma separated list of IP addresses and domain names [B..X]>
d1 > e2) server sends HTTP code 200 without HTTP header Integrity-Location
d1 > e3) server sends HTTP error code
c1 | d2 > e4) server sends HTTP error code
c1 > e5) server does not send HTTP error code
d2 > e6) server sends HTTP code 200 without HTTP header Integrity-Location

f) client processes data

e1 | e6 | h1 > f1) client sends HEAD request to server [B..X] with HTTP header Integrity-Origin: [A]

g) server [B..X] responds

f1 > g1) server sends HTTP code 200 with HTTP header Integrity-Status: OK
f1 > g2) server sends HTTP code 200 with HTTP header Integrity-Status: NOK
f1 > g3) server sends HTTP code 200 without HTTP header Integrity-Status
f1 > g4) server sends HTTP error code

h) client checks cache for [A]

g3 | g4 > h1) another entry in location list
g3 | g4 > h2) no other entry in location list
g2 > h3) cache entry exists
g2 > h4) cache entry does not exist

i) client processes server response

e4 > i1) client redirects (301 Moved Permanently) to cached location [B..X] and extends cache expiration date
g1 > i2) client removes cached location (if exists), saves location transmitted through HTTP header Integrity-Location (if exists), associates it with domain [A] and adds cache expiration date
h2 > i3) client removes cache entry (if exists)

END) client finishes navigation

e2 | e3 | e5 | h4 | i2 | i3 > END) [A]
i1 > END) [B..X]

#http #dns
tweet
share
share