Re: [dispatch] [Secdispatch] IETF I-D submission - please review draft-sandowicz-httpbis-httpa2

Martin Thomson <mt@lowentropy.net> Fri, 14 October 2022 00:25 UTC

Message-Id: <1d9ea1d4-db1f-4074-8005-28033195d79d@betaapp.fastmail.com>
In-Reply-To: <44B4C91D-F4E8-48EA-A44C-9ACC88FCDD9C@gmail.com>
References: <SJ0PR11MB50866565A26107208C374C26FF259@SJ0PR11MB5086.namprd11.prod.outlook.com> <44B4C91D-F4E8-48EA-A44C-9ACC88FCDD9C@gmail.com>
Date: Fri, 14 Oct 2022 11:25:29 +1100
From: Martin Thomson <mt@lowentropy.net>
To: dispatch@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/dispatch/GdNVKPEEmkbPQ3atih7e4MtW75o>
Subject: Re: [dispatch] [Secdispatch] IETF I-D submission - please review draft-sandowicz-httpbis-httpa2

On Fri, Oct 14, 2022, at 11:13, Dan Wing wrote:
> However, as I skimmed through the rest of the draft, I got the sense 
> there are other motivations for the design.  Those motivations are not 
> clear.  

For others reading along, the ArXiv paper[1] is somewhat clearer about motivations, though I found that I was still left with no real understanding of the goal of the draft.  What I was looking for was a clear articulation of:

1. What specific problem exists. (problem statement)
2. Who is likely to be afflicted by those problems. (scope)
3. What general approach might be used to address these problems. (architecture and overview)
4. Rationale backing those high-level design choices. (design choices, alternatives)
5. Enough detail of how those design choices might be implemented that I can be convinced the design is feasible and broadly appropriate.

The bulk of protocol detail can be omitted for early proposals like this one, with more focus on the earlier pieces.  Both documents seem to assume a fair bit, jumping past a lot of the motivating pieces.

For instance, the paper says "The client can verify those assurances provided by the server to decide whether they want to trust to run the computing workloads on the non-trusted server or not."  Up until this point, there was no mention of workloads at all.  There seem to be some assumptions being made about the application that this protocol is intended to support that aren't explained adequately.

[1] https://arxiv.org/pdf/2110.07954.pdf