Re: [core] draft-hartke-core-stateless

Christian Amsüss <christian@amsuess.com> Tue, 11 September 2018 13:40 UTC

Hello Klaus,

On Tue, Sep 11, 2018 at 01:31:14PM +0000, Klaus Hartke wrote:
> But proxies also generate responses themselves, e.g., from cached
> responses or in case of errors (5.02, 5.04). We don't want clients to
> receive the extended token from another client or no extended token at
> all when a proxy does not support the option.

As long as the option is part of the cache key, any cached response
would need to have a matching request Extended-Token and thus would have
a matching response Extended-Token as well.

If those, by any chance, match up between two different stateless
proxies, *and* if there is a cached fresh response available, then so be
it, may the new request receive the original response. After all, it is
fresh, and the response Extended-Token returned is exactly the one
requested. If both requesting stateless proxies were stateful ones,
neither request would have an Extended-Token option, and the second
client would receive the cached request just as well.

(This is about the astronomically unlikely case of a collision in the
integrity protected tokens; it's way more likely that the stateless
proxy re-requested the resource on behalf of the very same origin if
such a cache hit happens. But still, even if, it'd be OK).

Best regards
Christian

-- 
To use raw power is to make yourself infinitely vulnerable to greater powers.
  -- Bene Gesserit axiom
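
The cache-key argument in this message, sketched as an added example that is not part of the original e-mail or of the draft: a caching hop that includes the Extended-Token value in its cache key can only return a cached response whose Extended-Token equals the one requested. The class names, the token layout (state plus truncated HMAC-SHA256 tag), the keys and the addresses are assumptions made for illustration.

```python
import hashlib
import hmac

TAG_LEN = 8  # truncated HMAC-SHA256 tag length (assumption, for illustration)

class StatelessProxy:
    """Keeps no per-request state: the state travels inside the token."""
    def __init__(self, key: bytes):
        self.key = key

    def extended_token(self, client: str, client_token: bytes) -> bytes:
        state = client.encode() + b"|" + client_token
        return state + hmac.new(self.key, state, hashlib.sha256).digest()[:TAG_LEN]

    def recover(self, token: bytes):
        """Return (client, client_token), or None if the tag does not verify."""
        state, tag = token[:-TAG_LEN], token[-TAG_LEN:]
        expected = hmac.new(self.key, state, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return None
        client, _, client_token = state.partition(b"|")
        return client.decode(), client_token

class CachingHop:
    """Next hop whose cache key includes the Extended-Token option value."""
    def __init__(self):
        self.cache = {}
        self.origin_fetches = 0

    def handle(self, method: str, uri: str, ext_token: bytes) -> dict:
        key = (method, uri, ext_token)
        if key not in self.cache:  # miss: fetch from origin, store with the option
            self.origin_fetches += 1
            self.cache[key] = {"payload": b"22.5 C", "extended_token": ext_token}
        return self.cache[key]  # freshness is assumed here

def demo():
    hop, a, b = CachingHop(), StatelessProxy(b"key-A"), StatelessProxy(b"key-B")
    uri = "coap://sensor.example/temp"  # constructed sample values throughout
    t_a = a.extended_token("[2001:db8::1]:40001", b"\x01")
    t_b = b.extended_token("[2001:db8::2]:40002", b"\x01")
    first = hop.handle("GET", uri, t_a)
    again = hop.handle("GET", uri, t_a)  # same proxy, same origin: cache hit
    other = hop.handle("GET", uri, t_b)  # different token: separate cache entry
    return hop, a, b, t_a, t_b, first, again, other
```
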