Important note: This article refers to our legacy platform, RaiseNow Manager. If you are looking for information related to RaiseNow Hub, please visit the RaiseNow Hub category instead.
Webhooks may be configured to require an integrity check. This is a basic, non-secure data integrity check that protects against accidental modification of the entity body in transit [1]. Non-secure means that it does not protect against malicious attackers who attempt to forge requests. To allow the recipient of the webhook request to verify message integrity, we use the HTTP 1.1 standard Content-MD5 header. The protocol, as defined in http://www.ietf.org/rfc/rfc1864.txt, is described below.
Sender (EPP):
- Apply any content encoding to the desired entity body (i.e. application/x-www-form-urlencoded or application/json).
- Calculate a hash of the content-encoded entity body using the MD5 hash function.
- Base64-encode the resulting MD5 hash.
- Add the resulting string to the entity header field Content-Md5.
- Apply any transfer encoding to the HTTP entity and send the resulting HTTP request message.
Recipient (Customer):
- Receive the HTTP request message and apply any transfer decoding necessary to extract the HTTP entity.
- Calculate a hash of the entity body using the MD5 hash function.
- Base64-encode the resulting MD5 hash.
- Check if the computed value matches the value of the received Content-MD5 header field.
The server should perform this check and return a 400 HTTP status code if data integrity is violated. The invocation is retried in this case.
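The recipient steps above, written out as an added example (this is not RaiseNow's own code). The function names, the sample request and the choice to answer 400 when the header is absent are assumptions made for illustration.

```python
import base64
import hashlib


def content_md5(body: bytes) -> str:
    """RFC 1864 value: Base64 of the raw 16-byte MD5 digest, not of its hex form."""
    return base64.b64encode(hashlib.md5(body).digest()).decode("ascii")


def check_webhook(headers: dict, body: bytes) -> int:
    """Return the HTTP status code the recipient should answer with.

    `body` must be the entity body exactly as received (after transfer
    decoding, before any parsing). Hashing a re-serialised payload will
    not match, because whitespace and key order change the bytes.
    """
    # HTTP header field names are case-insensitive.
    received = next(
        (v for k, v in headers.items() if k.lower() == "content-md5"), None
    )
    if received is None:
        # Assumption: the integrity check is enabled, so the header is required.
        return 400
    if received.strip() != content_md5(body):
        # Body changed in transit; a 400 makes the sender retry the invocation.
        return 400
    # Note: a match only rules out accidental modification. Anyone able to
    # alter the body can recompute the header, so this does not authenticate
    # the sender.
    return 200


# Constructed sample request (hypothetical payload, not real platform data).
SAMPLE_BODY = b'{"example":"constructed","amount":500}'
SAMPLE_HEADERS = {
    "Content-Type": "application/json",
    "Content-Md5": content_md5(SAMPLE_BODY),
}

if __name__ == "__main__":
    print("intact body   ->", check_webhook(SAMPLE_HEADERS, SAMPLE_BODY))
    print("modified body ->", check_webhook(SAMPLE_HEADERS, SAMPLE_BODY + b" "))
```

In a web framework, pass the raw request bytes to the check before the JSON or form parser touches them.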