Re: [apps-discuss] [OAUTH-WG] [http-state] HTTP MAC Authentication Scheme

Randy Fischer <randy.fischer@gmail.com> Wed, 08 June 2011 01:05 UTC

Return-Path: <randy.fischer@gmail.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BA42311E8169; Tue, 7 Jun 2011 18:05:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level:
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GZFKTlgRcCfe; Tue, 7 Jun 2011 18:05:53 -0700 (PDT)
Received: from mail-ey0-f172.google.com (mail-ey0-f172.google.com [209.85.215.172]) by ietfa.amsl.com (Postfix) with ESMTP id 88A8D11E8154; Tue, 7 Jun 2011 18:05:52 -0700 (PDT)
Received: by eye13 with SMTP id 13so7213eye.31 for <multiple recipients>; Tue, 07 Jun 2011 18:05:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=zWUBEWDsEim3T3uROAtyiYrb74HcVJGxmn5fllGZeoA=; b=elj0QzMOORMz98wvXUMU7auOGAmAK1vKE1rKLTU2m9A1XtPtpHkXstC46Egv9L5FJT x8n3F3fKD0+U5+mEylbne50gXstVPkEkLCc6qHawTr7ZNh7hjdQH4Q2xQzDE6wbm3zHl ukf+gTVdICsnypzo7HOKNxJf3j61dLoM6HokQ=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=l1Vz0ptlBcmd6V1wgL+IJVv93lmCQRBTfwjzcEk6X0CnyuuQya65kw4BhWcv8ZYCQl F8EAU2AkX8kKRcHCohfZBMatw4qskj5eeTnKFGNelS8jkm1+ccHAMtKrG/UnX6HqvoBf xMZbvmZPCEx5f1oa7hvoPsDEH8+xVfvnECVdY=
MIME-Version: 1.0
Received: by 10.213.15.6 with SMTP id i6mr11009eba.148.1307495151605; Tue, 07 Jun 2011 18:05:51 -0700 (PDT)
Received: by 10.213.23.2 with HTTP; Tue, 7 Jun 2011 18:05:51 -0700 (PDT)
In-Reply-To: <BANLkTik7LyPWssAb0EBmx11hK53hiwgmrA@mail.gmail.com>
References: <90C41DD21FB7C64BB94121FBBC2E723447581DA8EA@P3PW5EX1MB01.EX1.SECURESERVER.NET> <BANLkTikpQNyQdr9oWHhtJ7a7d-4ri0CNdA@mail.gmail.com> <09c801cc24c2$a05bae00$e1130a00$@packetizer.com> <BANLkTin30NVzYVV1m4gmyh42DWs-nSQpAg@mail.gmail.com> <00f101cc255e$2d426020$87c72060$@packetizer.com> <BANLkTimn8c72p5bjwHNapW9kVCVBmNbC4w@mail.gmail.com> <1307486600.48324.YahooMailNeo@web31808.mail.mud.yahoo.com> <BANLkTi==5LjD7vW74tqB_sbSHrLjsJE6+A@mail.gmail.com> <4DEEAD76.2090800@adida.net> <BANLkTik7LyPWssAb0EBmx11hK53hiwgmrA@mail.gmail.com>
Date: Tue, 7 Jun 2011 21:05:51 -0400
Message-ID: <BANLkTik1yv0NdMBo-u=dzDhBnf6diqRrNg@mail.gmail.com>
From: Randy Fischer <randy.fischer@gmail.com>
To: Nico Williams <nico@cryptonector.com>
Content-Type: text/plain; charset=ISO-8859-1
X-Mailman-Approved-At: Wed, 08 Jun 2011 08:39:52 -0700
Cc: "apps-discuss@ietf.org" <apps-discuss@ietf.org>, Ben Adida <ben@adida.net>, Adam Barth <adam@adambarth.com>, "http-state@ietf.org" <http-state@ietf.org>, "William J. Mills" <wmills@yahoo-inc.com>, HTTP Working Group <ietf-http-wg@w3.org>, OAuth WG <oauth@ietf.org>
Subject: Re: [apps-discuss] [OAUTH-WG] [http-state] HTTP MAC Authentication Scheme
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Jun 2011 01:07:44 -0000

On Tue, Jun 7, 2011 at 7:09 PM, Nico Williams <nico@cryptonector.com> wrote:
> Or am I missing something?


Well, last I tried it under apache, at least, there was a hard limit
on the length of
a TLS stream.   Since I use HTTP for a storage system for multi-GB files,  I'd
really love to see alternatives.

-Randy Fischer