[dispatch] Re: OODA-HTTP — Header Naming and RFC 6648 Compliance
Rachid Bouziane <contact@secroot.io> Thu, 03 July 2025 23:31 UTC
Return-Path: <contact@secroot.io>
X-Original-To: dispatch@mail2.ietf.org
Delivered-To: dispatch@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 7B52E3DD8834; Thu, 3 Jul 2025 16:31:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -1.868
X-Spam-Level:
X-Spam-Status: No, score=-1.868 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.232, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=secroot.io
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DqU2YBfPomQ5; Thu, 3 Jul 2025 16:31:31 -0700 (PDT)
Received: from out-11.shared.jellyfish.systems (out-11.shared.jellyfish.systems [63.250.43.81]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id DC9B93DD882C; Thu, 3 Jul 2025 16:31:31 -0700 (PDT)
Received: from prod-lbout-phx.jellyfish.systems (unknown [198.54.114.69]) by shared.jellyfish.systems (Postfix) with ESMTPA id 4bYChJ5w8jz31NV; Thu, 03 Jul 2025 23:31:28 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=secroot.io; s=default; h=Content-Transfer-Encoding:Content-Type:Message-ID:Subject:Cc:To: From:Date:MIME-Version:Sender:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=6oPQAsB5I8iqFSsUh1bnI2Yf19qRvigHsI+BxU7zX9Q=; b=cBPyytqENln62EwSbDBR9CJxX+ P2tflQbRWyFEX3v2HcQLitM0vtZt5+194OY28gRucckq4d3eQ3AkGiE80JnvkV6v/egK2iaLAN0bf QwyB/BZaBBeZ8c0W0n+FWy3lFHP/keK3DZOT3H76Hz1StgOGoLrIePI0guzuut6NjdYIHdBlvR/NK PoJXXSfejfJxBeBpCqDpAOGaXKaMeWg0iv6IoID0M5IgzRfZlEdX/eCtm//QLcgmPGU6G8DQVERxY NSV45svbi9AW1NRu0wOyNJVs2usVf3bDUBzRuElqIxdp9RoV9cHK0gW9G5u4hykry2bMSXTNRwTct HLDTujkg==;
Received: from [::1] (port=50604 helo=server190.web-hosting.com) by server190.web-hosting.com with esmtpa (Exim 4.98.2) (envelope-from <contact@secroot.io>) id 1uXTOq-000000056TC-2R22; Thu, 03 Jul 2025 19:31:28 -0400
MIME-Version: 1.0
Date: Thu, 03 Jul 2025 19:31:28 -0400
From: Rachid Bouziane <contact@secroot.io>
To: Ted Hardie <ted.ietf@gmail.com>
User-Agent: Roundcube Webmail/1.6.11
Message-ID: <f6cee762435505b3f81352342172580d@secroot.io>
X-Sender: contact@secroot.io
Organization: SecRoot
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Message-ID-Hash: JPN22IAFGKCWHB2S5RZB7W3ZIT4U342N
X-Message-ID-Hash: JPN22IAFGKCWHB2S5RZB7W3ZIT4U342N
X-MailFrom: contact@secroot.io
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-dispatch.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Lucas Pardue <lucas@lucaspardue.com>, Dispatch <dispatch@ietf.org>, Dispatch Chairs <dispatch-chairs@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [dispatch] Re: OODA-HTTP — Header Naming and RFC 6648 Compliance
List-Id: DISPATCH Working Group Mail List <dispatch.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dispatch/nzAMQVZaAAVL5AihVRK0Y0ruarU>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dispatch>
List-Help: <mailto:dispatch-request@ietf.org?subject=help>
List-Owner: <mailto:dispatch-owner@ietf.org>
List-Post: <mailto:dispatch@ietf.org>
List-Subscribe: <mailto:dispatch-join@ietf.org>
List-Unsubscribe: <mailto:dispatch-leave@ietf.org>
Dear Ted, Thank you very much for your valuable remark and for pointing out RFC 6648. You're absolutely right — the use of the X-OODA-Action header in the early draft was meant as a provisional placeholder to explore semantics and trigger mechanisms for HTTP-level behavioral response. We fully acknowledge that headers intended for standardization must comply with RFC 6648, and we are committed to removing the "X-" prefix in the upcoming versions of the draft. Once the protocol semantics are better established and consensus begins to emerge, we will propose a standard-compliant header name — possibly just OODA-Action, aligned with IETF practices and consistent with the intent to integrate this mechanism into the broader HTTP/TLS ecosystem. We greatly appreciate your guidance on this matter. Warm regards, Rachid Bouziane SecRoot.io — OODA-HTTP Initiative
- [dispatch] Re: OODA-HTTP — Header Naming and RFC … Rachid Bouziane