Re: [core] draft-hartke-core-stateless

Klaus Hartke <klaus.hartke@ericsson.com> Tue, 11 September 2018 13:31 UTC

Return-Path: <klaus.hartke@ericsson.com>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CB3A612F1A2 for <core@ietfa.amsl.com>; Tue, 11 Sep 2018 06:31:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.311
X-Spam-Level:
X-Spam-Status: No, score=-4.311 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XQR_b2v8ntXj for <core@ietfa.amsl.com>; Tue, 11 Sep 2018 06:31:20 -0700 (PDT)
Received: from sessmg22.ericsson.net (sessmg22.ericsson.net [193.180.251.58]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D930D130E83 for <core@ietf.org>; Tue, 11 Sep 2018 06:31:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; d=ericsson.com; s=mailgw201801; c=relaxed/simple; q=dns/txt; i=@ericsson.com; t=1536672677; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:CC:MIME-Version:Content-Type: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=JrLtGF9Qn5xJ4V56tf4m3vvuF7LgtCv7uVnK3u3kOeQ=; b=NTq/EWszZkuhsTxv+yu6R/5nt1+6HQnsg39H3nEPxM3XS8eYz7eOmUxmNiDYT7/+ KgyJy3g0lMf6iEvmu/s1hRqb84sUGuF5odlA/GfzkDUNX+YLIOdgCq3DppcsVFT0 dzmqYtH5qELCmyaj6hR6cVjzRJrj2N9BfxL64ce9h4Y=;
X-AuditID: c1b4fb3a-6ba019c000007a64-df-5b97c3a512c6
Received: from ESESSMB505.ericsson.se (Unknown_Domain [153.88.183.123]) by sessmg22.ericsson.net (Symantec Mail Security) with SMTP id 31.FF.31332.5A3C79B5; Tue, 11 Sep 2018 15:31:17 +0200 (CEST)
Received: from ESESSMB502.ericsson.se (153.88.183.163) by ESESSMB505.ericsson.se (153.88.183.166) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1466.3; Tue, 11 Sep 2018 15:31:15 +0200
Received: from ESESSMB502.ericsson.se ([153.88.183.190]) by ESESSMB502.ericsson.se ([153.88.183.190]) with mapi id 15.01.1466.003; Tue, 11 Sep 2018 15:31:14 +0200
From: Klaus Hartke <klaus.hartke@ericsson.com>
To: =?utf-8?B?Q2hyaXN0aWFuIEFtc8O8c3M=?= <christian@amsuess.com>, "draft-hartke-core-stateless@ietf.org" <draft-hartke-core-stateless@ietf.org>
CC: Jim Schaad <ietf@augustcellars.com>, 'Core' <core@ietf.org>
Thread-Topic: [core] draft-hartke-core-stateless
Thread-Index: AdRJSZxEFVxiHpnJRYejIUsSOODSiwAdpFyAAAROyKA=
Date: Tue, 11 Sep 2018 13:31:14 +0000
Message-ID: <6131e11057e84ec3882d487b32965856@ericsson.com>
References: <009901d4495b$194c4f30$4be4ed90$@augustcellars.com> <20180911131124.GA5521@hephaistos.amsuess.com>
In-Reply-To: <20180911131124.GA5521@hephaistos.amsuess.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [153.88.183.153]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprBIsWRmVeSWpSXmKPExsUyM2J7te7Sw9OjDVZ+lbXYt6OPxWLf2/XM Fp3LlzJbrJ7+nc2BxaPr4C9Wj41zprN5LFnykymAOYrLJiU1J7MstUjfLoErY8b9t0wFf9gr tq7fytjA+IC9i5GTQ0LAROLWmsdsXYxcHEICRxkl1jxZzQLhfGOUONHezQrhLGOU2Pn3LitI C5uAnsSqqT/YQRIiAhMZJZqW7gCbxSxgL3HqyUsmEFtYQF/i+IP9YA0iAgYS/X9PM0HYVhKX ZnUxg9gsAqoS2182g9XwClhL/JpxBSwuJFAgcf/vRxYQmxMofmj/bLA4o4CYxPdTa5ggdolL 3HoynwniBwGJJXvOM0PYohIvH/9jhbCVJPYeuw40hwOoXlNi/S59iFZFiSndD9kh1gpKnJz5 hGUCo9gsJFNnIXTMQtIxC0nHAkaWVYyixanFxbnpRkZ6qUWZycXF+Xl6eaklmxiB8XVwy2+r HYwHnzseYhTgYFTi4a3cPT1aiDWxrLgy9xCjBAezkgjvLp1p0UK8KYmVValF+fFFpTmpxYcY pTlYlMR5ndIsooQE0hNLUrNTUwtSi2CyTBycUg2MaUoX4pw2KcVPKlllFySpuSnLNtnR4fyl X2fWPZ9vsdqQX+bkZiu9Ov8LGivqww5zXM+++OkUn7B0UouMX5vUXp+QF66csfML/nN/WLhW /sRJ9sVX/xU2ufIUlm9WZflde63Rwc5e4t+jL++O/9OX29wf5l7ZVmK+e3/8l33NhbvEAqac /r9aiaU4I9FQi7moOBEADYaW/6sCAAA=
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/WfqXwz1onIZozL3ZQx3ToUxXx_o>
Subject: Re: [core] draft-hartke-core-stateless
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Sep 2018 13:31:26 -0000

Christian Amsüss wrote:
> I also think that the option can be safe to forward -- as long as the origin
> server replies with the "option part" of the token, the proxy will return the
> full original request identity (token plus option part) back.

Right, proxies could simply forward the extended tokens in the requests and responses generated by clients and servers. But proxies also generate responses themselves, e.g., from cached responses or in case of errors (5.02, 5.04). We don't want clients to receive the extended token from another client or no extended token at all when a proxy does not support the option.

I can't think of any way to get sensible behavior without the proxies understanding what's going on.

Klaus