[dispatch] Guidance on Recommendations for Key Directories Over HTTP
Thibault Meunier <ot-ietf@thibault.uk> Thu, 13 February 2025 10:00 UTC
Return-Path: <ot-ietf@thibault.uk>
X-Original-To: dispatch@ietfa.amsl.com
Delivered-To: dispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2EB91C14F74A for <dispatch@ietfa.amsl.com>; Thu, 13 Feb 2025 02:00:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.103
X-Spam-Level:
X-Spam-Status: No, score=-2.103 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=thibault.uk
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XL2ktTm2snOX for <dispatch@ietfa.amsl.com>; Thu, 13 Feb 2025 02:00:34 -0800 (PST)
Received: from mail-10624.protonmail.ch (mail-10624.protonmail.ch [79.135.106.24]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C8D36C151068 for <dispatch@ietf.org>; Thu, 13 Feb 2025 02:00:34 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=thibault.uk; s=protonmail; t=1739440833; x=1739700033; bh=1BoS8fSuhBpIuknD9xgbALfUcP7lNgs4Pt/CIIndidk=; h=Date:To:From:Cc:Subject:Message-ID:Feedback-ID:From:To:Cc:Date: Subject:Reply-To:Feedback-ID:Message-ID:BIMI-Selector: List-Unsubscribe:List-Unsubscribe-Post; b=QOM8I05WYh8QxaLOJIy5XOSFcUFRHLOlJrgYObqwjCgUZ6t1vzVBVmR2rVAtYq9kg NBsJJyCPiUcQhVC0dmWGKOrHi50le58zy9+yyHetMkkew76oWz7lrbMayznwfRj/cD vZPm4gS4CCS2e0YfKfxD9C1BCd/63a6u/K1TlIRuLFk22Sra28qpTsqm88rdfplcpF x5TXhD9Cl+FuP73JrDz/XCIDLbZJnIP1nMN7uaA/vWnT6wuAjMvUUOLuiX5IuuBXfy EQyr3aLYVI+DQ36rbfSbEJym1wT9hf2K1Aa4YRAbO8Hgs5xox7mtYXDTJXZsn1xYXW Haxw4SSNQsaMQ==
Date: Thu, 13 Feb 2025 10:00:29 +0000
To: "dispatch@ietf.org" <dispatch@ietf.org>
From: Thibault Meunier <ot-ietf@thibault.uk>
Message-ID: <A06tx5AmGBK1qFrfyn4ye18NxyB1IeNMpEMeCGG_elix1F1Q08zbpdJsSiYIP6LZab9QFYNYT6gVkgOApEC03lTkXC8kALXxvDtRMPS91SM=@thibault.uk>
Feedback-ID: 60844204:user:proton
X-Pm-Message-ID: 506a2ff76007e6d321611c1ed6d783db4a2e5ec6
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="b1=_G6HBVrFy08UYcg2vIUoqpIIOgIy1zuxfB0NDmP6sZE"
Message-ID-Hash: 2PIKRDOP5CKZYJLDBQDXD6TAIUBFJE4L
X-Message-ID-Hash: 2PIKRDOP5CKZYJLDBQDXD6TAIUBFJE4L
X-MailFrom: ot-ietf@thibault.uk
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-dispatch.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "fisher@darling.dev" <fisher@darling.dev>, "rfc@simonnewton.com" <rfc@simonnewton.com>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [dispatch] Guidance on Recommendations for Key Directories Over HTTP
List-Id: DISPATCH Working Group Mail List <dispatch.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dispatch/vqBMFJ59W1xOmtL5VMYAoWVT3Y4>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dispatch>
List-Help: <mailto:dispatch-request@ietf.org?subject=help>
List-Owner: <mailto:dispatch-owner@ietf.org>
List-Post: <mailto:dispatch@ietf.org>
List-Subscribe: <mailto:dispatch-join@ietf.org>
List-Unsubscribe: <mailto:dispatch-leave@ietf.org>
Hi all, Many Internet protocols rely on public key cryptography and assume Origins to distribute keys to Clients. This draft provides recommendations for protocols that expose key directories over HTTP. The draft is available on the datatracker at https://datatracker.ietf.org/doc/draft-darling-key-directory-over-http/ We couldn’t identify an existing working group that fits, as it spans multiple areas—HTTP, cryptography, and key distribution (JOSE/COSE/…). At a high level, the draft presents some existing key directories, and recommends that protocols define: 1. A deterministic key ID, 2. A deterministic key selection algorithm for Clients, 3. Cache header relations to key material (expiry, not before), 4. A well-known URL. We welcome feedback and suggestions on the appropriate venue for this work, and on the proposal itself. Thank you, Fisher, Simon, Thibault
- [dispatch] Guidance on Recommendations for Key Di… Thibault Meunier
- [dispatch] Re: Guidance on Recommendations for Ke… Thibault Meunier
- [dispatch] Re: Caller ID Verification in SIP Ted Hardie
- [dispatch] Caller ID Verification in SIP Hao, Feng
- [dispatch] Re: [stir] Re: Caller ID Verification … Christer Holmberg
- [dispatch] Re: Caller ID Verification in SIP Brett Nemeroff
- [dispatch] Re: [E] Caller ID Verification in SIP Dwight, Timothy M (Tim)
- [dispatch] Re: Caller ID Verification in SIP Hao, Feng
- [dispatch] Re: [stir] Re: Caller ID Verification … Hao, Feng
- [dispatch] Re: Caller ID Verification in SIP Hao, Feng
- [dispatch] Re: Caller ID Verification in SIP Brett Nemeroff
- [dispatch] Re: [sipcore] [E] Caller ID Verificati… Chris Wendt
- [dispatch] Re: Caller ID Verification in SIP Hao, Feng
- [dispatch] Re: [sipcore] Re: [E] Caller ID Verifi… Hao, Feng
- [dispatch] Re: [sipcore] [E] Caller ID Verificati… Hao, Feng
- [dispatch] Re: Caller ID Verification in SIP Brett Nemeroff
- [dispatch] Re: Caller ID Verification in SIP Hao, Feng
- [dispatch] Re: [sipcore] Re: [E] Caller ID Verifi… DOLLY, MARTIN C
- [dispatch] Re: Caller ID Verification in SIP Jim Fenton