[apps-discuss] Last Call: <draft-ietf-appsawg-http-forwarded-06.txt> (Forwarded HTTP Extension) to Proposed Standard

The IESG <iesg-secretary@ietf.org> Mon, 09 July 2012 16:28 UTC

Return-Path: <iesg-secretary@ietf.org>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E72BA11E811F; Mon, 9 Jul 2012 09:28:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.428
X-Spam-Level:
X-Spam-Status: No, score=-102.428 tagged_above=-999 required=5 tests=[AWL=0.171, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gSWeqP0lLc3c; Mon, 9 Jul 2012 09:28:51 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A6CCD21F8637; Mon, 9 Jul 2012 09:28:50 -0700 (PDT)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 4.30p3
Message-ID: <20120709162848.23418.51856.idtracker@ietfa.amsl.com>
Date: Mon, 09 Jul 2012 09:28:48 -0700
Cc: apps-discuss@ietf.org
Subject: [apps-discuss] Last Call: <draft-ietf-appsawg-http-forwarded-06.txt> (Forwarded HTTP Extension) to Proposed Standard
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: ietf@ietf.org
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Jul 2012 16:28:53 -0000

The IESG has received a request from the Applications Area Working Group
WG (appsawg) to consider the following document:
- 'Forwarded HTTP Extension'
  <draft-ietf-appsawg-http-forwarded-06.txt> as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf@ietf.org mailing lists by 2012-07-23. Exceptionally, comments may be
sent to iesg@ietf.org instead. In either case, please retain the
beginning of the Subject line to allow automated sorting.

Abstract


   This document standardizes an HTTP extension header field that allows
   proxy components to disclose information lost in the proxying
   process, for example, the originating IP address of a request or IP
   address of the proxy on the user-agent-facing interface.  Given a
   trusted path of proxying components, this makes it possible to
   arrange it so that each subsequent component will have access to, for
   example, all IP addresses used in the chain of proxied HTTP requests.

   This document also specifies guidelines for a proxy administrator to
   anonymize the origin of a request.


The file can be obtained via
http://datatracker.ietf.org/doc/draft-ietf-appsawg-http-forwarded/

IESG discussion can be tracked via
http://datatracker.ietf.org/doc/draft-ietf-appsawg-http-forwarded/ballot/


No IPR declarations have been submitted directly on this I-D.

====================================
A specific point for Last Call discussion, please:
During AD Evaluation, the registration policy for the new "HTTP
Forwarded parameters" registry (see Section 9) was changed to
"Specification Required" from "RFC Required".  This needs further
review during Last Call, for two reasons:

1. While RFC Required forces new registrations through the IETF RFC
process, and might discourage registrations from individuals or
organizations that are unfamiliar with or averse to that process,
Specification Required necessitates the appointment of a Designated
Expert to review the requests and associated specifications.  Each of
these policies comes with baggage, and we have to make sure we're
weighing it down with the *right* baggage.

2. If we stay with Specification Required we should include a short
paragraph with rough guidelines for the Designated Expert: what to
consider when approving registration requests.  If we want the DE to
approve most requests, just checking the associated specifications for
sanity, we need to say that.  If we want the DE to put some judgment
into deciding whether the requested parameters make sense and fit into
the usage model, or whatever, we should say something about that. 
Comments and proposed text for this are encouraged.
====================================