Re: [appsdir] Scans for draft-ietf-tokbind-protocol and draft-ietf-tokbind-https

Eliot Lear <lear@cisco.com> Wed, 08 April 2015 17:38 UTC

Message-ID: <55256779.8010001@cisco.com>
Date: Wed, 08 Apr 2015 19:38:01 +0200
From: Eliot Lear <lear@cisco.com>
To: Martin Thomson <martin.thomson@gmail.com>, Ted Hardie <ted.ietf@gmail.com>
References: <CA+9kkMAMWAdhkw0Am8QH-MShdrgiNJsJT9jO45GrCnp1ZANAzg@mail.gmail.com> <CABkgnnW=zZAEieM1r5Dn3dwAqSx99j1cP8xukAn6tekRXtv5gg@mail.gmail.com>
In-Reply-To: <CABkgnnW=zZAEieM1r5Dn3dwAqSx99j1cP8xukAn6tekRXtv5gg@mail.gmail.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/appsdir/hxydL90RU2VmHdUBjM8MlFtztHk>
Cc: appsdir@ietf.org, Allison Mankin <allison.mankin@gmail.com>

Thank you both.  I will work with the reviewer on timing based on your
advice, Martin.

Eliot

On 4/8/15 6:38 PM, Martin Thomson wrote:
> FYI, I've been paying attention to these.  They certainly need a lot
> of attention.  I have suggested several changes that - if they are
> accepted - will completely change the structure of the two drafts.
> One of those proposed changes is a merge of the drafts.  The authors
> have accepted the need to change the negotiation portion in -protocol
> entirely.
>
> Attention is definitely warranted, but some delay might avoid some churn.
>
> On 7 April 2015 at 17:15, Ted Hardie <ted.ietf@gmail.com> wrote:
>> draft-ietf-tokbind-protocol will need significant attention, especially from
>> folks with application security, privacy, and web services backgrounds.
>> Though the draft isn't very long, it describes a general method of binding
>> application security tokens to a channel and reusing them with a server as
>> well as methods for taking those issued by one server and using them
>> elsewhere.  The interaction between the binding and application semantics
>> will likely be a focus of reviews, as would be the privacy implication of a
>> long-lived token of this type (though the draft presumes the ability to
>> clear state, it's not at all clear that this would be available to mobile
>> apps or similar).
>>
>> draft-ietf-tokbind-https will need a similar amount of attention, especially
>> from folks familiar with HTTP semantics (headers and status code semantics
>> being two areas of concern).  In essence, this is the worked example of the
>> protocol, embodied in HTTP.
>>
>> regards,
>>
>> Ted