Re: [Anima] Content-Transfer-Encoding and HTTP 1.x in ANIMA BRSKI

"Panos Kampanakis (pkampana)" <pkampana@cisco.com> Mon, 17 June 2019 17:18 UTC

From: "Panos Kampanakis (pkampana)" <pkampana@cisco.com>
To: Michael Richardson <mcr+ietf@sandelman.ca>
CC: Eliot Lear <lear@cisco.com>, Carsten Bormann <cabo@tzi.org>, Julian Reschke <julian.reschke@gmx.de>, "draft-ietf-pkix-est@ietf.org" <draft-ietf-pkix-est@ietf.org>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>, Anima WG <anima@ietf.org>
Date: Mon, 17 Jun 2019 17:18:05 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/A_xB9UhAUCrNFrb7CWm-DKgW4Qg>

> So effectively, the CTE header has effectively been dropped, but the payload is now assumed to be base64, regardless.
> This suggests that we can not use the CTE header as a signal.

I am not sure I can speak about all implementations out there, but that is what I saw in my interop testing.

> One has to assume base64 encoded values for the RFC7030 end-points.

In all tests I did, yes.


-----Original Message-----
From: Michael Richardson <mcr+ietf@sandelman.ca>
Sent: Monday, June 17, 2019 12:20 PM
To: Panos Kampanakis (pkampana) <pkampana@cisco.com>
Cc: Eliot Lear <lear@cisco.com>; Carsten Bormann <cabo@tzi.org>; Julian Reschke <julian.reschke@gmx.de>; draft-ietf-pkix-est@ietf.org; ietf-http-wg@w3.org; Anima WG <anima@ietf.org>
Subject: Re: [Anima] Content-Transfer-Encoding and HTTP 1.x in ANIMA BRSKI


> Now, I don’t know how other EST clients would act. There are many out
> there by now that we can’t safely tell if they would act up.
> The commercial and enterprise CAs I tested with interoped fine with
> the libest client and they were not all sending the CTE field. The
> payload was base64 though.

I didn't read this well enough before.

So effectively, the CTE header has effectively been dropped, but the payload is now assumed to be base64, regardless.

This suggests that we can not use the CTE header as a signal.
One has to assume base64 encoded values for the RFC7030 end-points.

--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works  -= IPv6 IoT consulting =-
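
The conclusion of this thread, as an added example (not code from the thread's participants or from libest): a client for the RFC7030 end-points decodes the response body as base64 whether or not the Content-Transfer-Encoding header is present, then checks that the result is a well-formed DER SEQUENCE before handing it to a PKCS#7 parser. The function names and the sample bytes are constructed for illustration.

```python
import base64
import binascii


def der_sequence_ok(der: bytes) -> bool:
    """True if der is exactly one outer DER SEQUENCE with a consistent length."""
    if len(der) < 2 or der[0] != 0x30:
        return False
    first = der[1]
    if first < 0x80:                      # short-form length
        hdr, length = 2, first
    else:                                 # long-form length
        n = first & 0x7F
        if n == 0 or n > 4 or len(der) < 2 + n:
            return False
        hdr, length = 2 + n, int.from_bytes(der[2:2 + n], "big")
    return hdr + length == len(der)


def decode_est_body(headers: dict, body: bytes):
    """Decode an EST response body as base64 whatever the CTE header says.

    Returns (der_bytes, cte_header_value_or_None). Raises ValueError if the
    body is not base64 or does not decode to a single DER SEQUENCE.
    """
    # The header is reported for logging only; it is never used as a signal.
    cte = next((v for k, v in headers.items()
                if k.lower() == "content-transfer-encoding"), None)
    compact = b"".join(body.split())      # drop CR/LF line wrapping
    try:
        der = base64.b64decode(compact, validate=True)
    except binascii.Error as exc:
        raise ValueError(f"body is not base64: {exc}") from exc
    if not der_sequence_ok(der):
        raise ValueError("decoded body is not a single DER SEQUENCE")
    return der, cte


# Constructed sample: a minimal DER SEQUENCE standing in for a PKCS#7 reply.
SAMPLE_DER = bytes.fromhex("3006020101020102")
SAMPLE_B64 = base64.encodebytes(SAMPLE_DER)   # line-wrapped base64

if __name__ == "__main__":
    for hdrs in ({"Content-Transfer-Encoding": "base64"}, {}):
        der, cte = decode_est_body(hdrs, SAMPLE_B64)
        print(cte, der.hex())
```

A body that arrives as raw binary DER is rejected with `ValueError` rather than silently passed through, which makes a non-conforming server visible during interop testing.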