The HTTPS Transfer Specification does not define an encoding value for the X-Correlation-ID that is used to convey the OpenC2 request_id.ÂÂ
The OpenC2 Language SpecificationÂ
1) defines request-id as a binary value with a specific maximum size of 128 bits (Section 3.1.2),Â
andÂ
2) Specifies base64url encoding for binary values.
HTTP headers are strings. In the absence of other constraints, the HTTPS Specification should specify base64url encoding for the request-id value carried in the X-Correlation-ID.
My thanks to Dave Kemp for working through this issue with me.
Dave
David P. Lemire, CISSP
 OpenC2 Technical Committee Secretary
 OpenC2 Implementation Considerations SC Co-chair
 Contractor support to NSA
Email:
dave.lemire@g2-inc.com Office: 301-575-5190 / Mobile: 240-938-9350