Signing messages === ## Why sign http messages for authentication vs "traditional" auth token, cookie, etc? from https://tools.ietf.org/id/draft-cavage-http-signatures-08.html "When communicating over the Internet using the HTTP protocol, it can be desirable for a server or client to authenticate the sender of a particular message. ***It can also be desirable to ensure that the message was not tampered with during transit***." ## Reference to existing open standards for signing http messages, or messages in general * HTTP Signatures https://tools.ietf.org/id/draft-cavage-http-signatures-08.html * https://www.wireguard.com/protocol/ * ssh authentication