[calsify] Anonymous bootstrapping ala RFC 6764

Дилян Палаузов <dilyan.palauzov@aegee.org> Fri, 13 September 2019 18:18 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/calsify/lg1dlgKgIlU079lpD_Uh-yfK2sw>

Hello,

RFC 6764 describes a bootstrapping function.  The input of the function is a mailto: or http(s): URL and the output is a
web address, towards which a current-user-principal request can be made.

Obviously, a CalDAV/CardDAV server can offer resources not only to authenticated users, but also to unauthenticated
ones.  

A suboptimal way to offer calendar resources to unauthenticated users is to publish an iCalendar file, which users
download completely whenever its ETag changes.

The bootstrapping function has the advantage that it implies that updates are done over the WebDAV Collection
Synchronization protocol and, for any domain, users can find the offered calendars in a standard way (no need for
descriptions in HTML for advanced users).

How to perform the bootstrapping for unauthenticated users?

For mailto: URLs, these can be of the form @domain; for http URLs, these can be without a username, say
https://caldav.example.org/ (the opposite would be https://user@caldav.example.org/).

A server supporting both authenticated and unauthenticated users will answer every query during the bootstrapping,
without ever returning 401.  Without seeing a 401, clients do not know which authentication schemas are supported and
often do not try to authenticate.  One way to find the available WWW-auth-mechanisms is to send an invalid username as
Authorization; other possibilities are e.g. to send an OPTIONS call and to include in its result the supported schemas.

RFC 7235 (HTTP/1.1: Authentication) permits authentication without waiting for a 401 answer: “A user agent that wishes to
authenticate itself with an origin server -- usually, but not necessarily, after receiving a 401 (Unauthorized) -- can
do so by including an Authorization header field with the request.”

So it is ultimately the user who knows whether she wants to authenticate or not.

Does this need a separate internet draft?

Regards
  Дилян
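
The bootstrapping steps and the scheme discovery discussed in the message above, as an added example that is not part of the original post or of any RFC text. It assumes that a URL without a username means anonymous access (the message's proposal, not something RFC 6764 defines) and that the host of an http(s) URL is treated as the service domain like a mailto: domain; `parse_input`, `bootstrap_plan` and `offered_schemes` are hypothetical names, and no network I/O is performed.

```python
import re
from urllib.parse import urlsplit

# Body of the PROPFIND that asks for DAV:current-user-principal (RFC 5397).
PROPFIND_BODY = ('<?xml version="1.0" encoding="utf-8"?>'
                 '<D:propfind xmlns:D="DAV:"><D:prop>'
                 '<D:current-user-principal/></D:prop></D:propfind>')

def parse_input(url):
    """Split a mailto: or http(s): URL into (username or None, domain)."""
    parts = urlsplit(url)
    if parts.scheme == "mailto":
        local, sep, domain = parts.path.rpartition("@")
        if not sep or not domain:
            raise ValueError("mailto: URL has no @domain part")
        return (local or None), domain.lower()
    if parts.scheme in ("http", "https") and parts.hostname:
        return (parts.username or None), parts.hostname
    raise ValueError("expected a mailto: or http(s): URL")

def bootstrap_plan(url, service="caldav"):
    """Describe the RFC 6764 discovery steps for url without doing any I/O."""
    user, domain = parse_input(url)
    return {
        # Assumption taken from the message: no username means anonymous.
        "anonymous": user is None,
        # SRV names to query, TLS variant first.
        "srv": [f"_{service}s._tcp.{domain}", f"_{service}._tcp.{domain}"],
        # Used when no TXT "path" key is published for the SRV target.
        "fallback": f"https://{domain}/.well-known/{service}",
        "request": ("PROPFIND", {"Depth": "0"}, PROPFIND_BODY),
        # RFC 7235 allows sending Authorization without a prior 401.
        "send_authorization_first": user is not None,
    }

def offered_schemes(www_authenticate):
    """Return the auth scheme names in a WWW-Authenticate header value."""
    # Blank out quoted strings so commas inside realm="..." are not split on.
    bare = re.sub(r'"(?:[^"\\]|\\.)*"', '""', www_authenticate)
    # A scheme is a token at the start or after a comma that is not a key=.
    return re.findall(r'(?:^|,)\s*([A-Za-z][\w.-]*)(?!\s*=)(?=\s|,|$)', bare)

if __name__ == "__main__":
    # Constructed inputs: the anonymous and authenticated forms from the message.
    for u in ("mailto:@example.org", "https://user@caldav.example.org/"):
        print(u, bootstrap_plan(u))
    print(offered_schemes('Basic realm="a, b", Digest realm="d", nonce="x"'))
```
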