Re: [apps-discuss] [OAUTH-WG] [http-state] HTTP MAC Authentication Scheme

Bjartur Thorlacius <svartman95@gmail.com> Thu, 09 June 2011 00:24 UTC

Return-Path: <svartman95@gmail.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6AC6611E809E; Wed, 8 Jun 2011 17:24:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level:
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id C8Zm9RP2daKP; Wed, 8 Jun 2011 17:24:27 -0700 (PDT)
Received: from mail-gx0-f172.google.com (mail-gx0-f172.google.com [209.85.161.172]) by ietfa.amsl.com (Postfix) with ESMTP id A8D7911E8080; Wed, 8 Jun 2011 17:24:27 -0700 (PDT)
Received: by gxk19 with SMTP id 19so647769gxk.31 for <multiple recipients>; Wed, 08 Jun 2011 17:24:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=566QAG7CNN/tVaKePByWyGGCc6puSRwhNRUG+WxTV1Q=; b=U1WaseFwTD/Wm7SHzYmU7EUjrBrFd5sv1Vz16EnRc2Isu8a3nYKsX4CamYrcLIu2Tl EUgLpVjMHJiUd0Q6/lFdSekNj3ISsW59wyG19zhRiRJcUnSnyVAITtaiQ5vZTyLaaW4r sErnQ09Fy59ooISUziIaPYXhqBy5NMFmS5bIw=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=XF9yZ+u4/LaP+5IbVz5E3C1mjF6hhhgJSfVifeu2RI4WuAPmVSJ24wnlblI5OPpivG 09LCU8nhAj8vDNSQbiInA4dSdmbpazbCG6X5/M9YbaEiudDvKB+tZwKWG/gbobHsYDHb 5yGU2rtw7VXnr361OGFBICI/QFKxhyTRsmC7g=
MIME-Version: 1.0
Received: by 10.236.186.38 with SMTP id v26mr65736yhm.415.1307579066953; Wed, 08 Jun 2011 17:24:26 -0700 (PDT)
Received: by 10.236.47.228 with HTTP; Wed, 8 Jun 2011 17:24:25 -0700 (PDT)
In-Reply-To: <BANLkTime7ve9H95yjdYO7dj85__kaRA4kg@mail.gmail.com>
References: <90C41DD21FB7C64BB94121FBBC2E723447581DA8EA@P3PW5EX1MB01.EX1.SECURESERVER.NET> <BANLkTikpQNyQdr9oWHhtJ7a7d-4ri0CNdA@mail.gmail.com> <09c801cc24c2$a05bae00$e1130a00$@packetizer.com> <BANLkTin30NVzYVV1m4gmyh42DWs-nSQpAg@mail.gmail.com> <00f101cc255e$2d426020$87c72060$@packetizer.com> <BANLkTimn8c72p5bjwHNapW9kVCVBmNbC4w@mail.gmail.com> <1307486600.48324.YahooMailNeo@web31808.mail.mud.yahoo.com> <BANLkTi==5LjD7vW74tqB_sbSHrLjsJE6+A@mail.gmail.com> <4DEEAD76.2090800@adida.net> <BANLkTik7LyPWssAb0EBmx11hK53hiwgmrA@mail.gmail.com> <20110607234131.GI1565@sentinelchicken.org> <BANLkTi=0Ra3zv3ViZyxRJSPtmnQh4v5eRQ@mail.gmail.com> <BANLkTi=98GodWuNCfU9bKZ389B7QG3ow+OjJHH9zCKF8tn8TDA@mail.gmail.com> <BANLkTime7ve9H95yjdYO7dj85__kaRA4kg@mail.gmail.com>
Date: Thu, 9 Jun 2011 00:24:25 +0000
Message-ID: <BANLkTimqFS4PEvfVsN7Tno0iqhEWOXffOg@mail.gmail.com>
From: Bjartur Thorlacius <svartman95@gmail.com>
To: Nico Williams <nico@cryptonector.com>
Content-Type: text/plain; charset=UTF-8
Cc: Tim <tim-projects@sentinelchicken.org>, HTTP Working Group <ietf-http-wg@w3.org>, OAuth WG <oauth@ietf.org>, "apps-discuss@ietf.org" <apps-discuss@ietf.org>, "http-state@ietf.org" <http-state@ietf.org>
Subject: Re: [apps-discuss] [OAUTH-WG] [http-state] HTTP MAC Authentication Scheme
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Jun 2011 00:24:28 -0000

On 6/8/11, Nico Williams <nico@cryptonector.com> wrote:
> Sweet!  Thanks for confirming my intuition, and then some.  I like the
> idea that using TLS actually reduces latency -- I'd not have imagined
> it.
>
Well, it's the enforcement of the end-to-end principle that reduces
latency, not the TLS protocol per se. You'd get the same effect if
HTTP didn't support proxies in the first place.