IETF Logo Mail Archive

[Extra] client-id next steps - let's find them a home

Bron Gondwana <brong@fastmailteam.com> Fri, 20 July 2018 03:55 UTC

Return-Path: <brong@fastmailteam.com>
X-Original-To: extra@ietfa.amsl.com
Delivered-To: extra@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AF8B4130E78 for <extra@ietfa.amsl.com>; Thu, 19 Jul 2018 20:55:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fastmailteam.com header.b=jNzkpllg; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=vtSM07eY
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hcYbuUeM_UqA for <extra@ietfa.amsl.com>; Thu, 19 Jul 2018 20:55:53 -0700 (PDT)
Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A515D1277D2 for <extra@ietf.org>; Thu, 19 Jul 2018 20:55:53 -0700 (PDT)
Received: from compute6.internal (compute6.nyi.internal [10.202.2.46]) by mailout.nyi.internal (Postfix) with ESMTP id C967521B7F for <extra@ietf.org>; Thu, 19 Jul 2018 23:55:52 -0400 (EDT)
Received: from web1 ([10.202.2.211]) by compute6.internal (MEProxy); Thu, 19 Jul 2018 23:55:52 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= fastmailteam.com; h=content-transfer-encoding:content-type:date :from:message-id:mime-version:subject:to:x-me-sender:x-me-sender :x-sasl-enc; s=fm3; bh=9YbEx5WIvTO+ZfMeD/ms3u/w7Fy/Aw1oTEglj5pft GA=; b=jNzkpllg4crXtyBUV/ui7HbWlSCJK5BDuRQNcj8/38Htmi3YTz9KXeFdg if3ew/NKhZrZxGoyijY5VZMWP1va0Oi+F8tx3CBd3T0U7IJ1BVevLhuOTMT3CFi4 UdTmYiNVO9hlosDppikVWi0SIHysmxYvYI95C+/3GckMuzXPCnvKBhTfBhXbZyn1 yqX3Oxf0i87MRULirtYFw/K53VHQGYnxqpnhg4L+gTTUeDPV2ijq/gmly7HIwIwi RsJLW0pKIAtX7ztXmLyEJQsLHn8iFTMMfAhdUrsyc4ovyymZUruwR+SxMJ/o0LsU VtTcStPi8tAWSfo/iBAESzdjagjVQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:content-type :date:from:message-id:mime-version:subject:to:x-me-sender :x-me-sender:x-sasl-enc; s=fm3; bh=9YbEx5WIvTO+ZfMeD/ms3u/w7Fy/A w1oTEglj5pftGA=; b=vtSM07eYQ8UFXilOTP4dOveEgYnvdyTMw6IgkGtrf0jah 7O/LWFDSeAOt4Yy9fQqZ+/+Kn5RmYssHDr3WYxdEcDn0DVFL3Hu6LzAMMIIqOSqY vXVPeI+/5zadfTRF2YcCagJ/a74dQOHHWE9HEJ1he4fH/+B9D4C6F++DKvQFhegF rW2b2cyg4ZLuaRBZMkXxhWp49YPfwTeQ33PSgSqzBUMxJzM+W9cfT90jGf+vpybN FccaDynf+P0lMoYmUcity/julxd3YXtSbKhmBgPI6V933KExh6vC0xbjE3lstUis zKa1NmcWlT9PXrIzor2HJwazoKhF5ru1kdHrzGLEQ==
X-ME-Proxy: <xmx:SF1RW_MxmGPrJ6Vh1r84ijqUvkT6j3xAhm9FMSoy0VOE2ECuiO5YCg> <xmx:SF1RWxC2ZIL2wzwmkXD3rNlR8XPoEuNIHtrybLQ9q3Gz4DOBxX3F1w> <xmx:SF1RW2vE7oebt3Wp_3aLAHb3-NaQcwjk2Y_KdahOyqzTPwQqJqbdmQ> <xmx:SF1RW-3G9yx8-xtfywyqNAbj0Lpk_y4jMmoiFitK8Y2qwOGYW5x9lA> <xmx:SF1RW0n5mvO5DlXzrzCv_FL294uXOhN7axs9Rzi572uZlJamcGtjtw> <xmx:SF1RW9R7piEnonoHWhFWdOSwHpJMZ1kSfTiLMHBHWgiycUbqsa0wBw>
X-ME-Sender: <xms:SF1RW59EoKKo5Wo0Lnt0NFFrO-dfFBhBYtixygfm8-nN9IIz_pDFeQ>
Received: by mailuser.nyi.internal (Postfix, from userid 99) id 7026B940DA; Thu, 19 Jul 2018 23:55:52 -0400 (EDT)
Message-Id: <1532058952.1886016.1446876976.42C7FF3D@webmail.messagingengine.com>
From: Bron Gondwana <brong@fastmailteam.com>
To: extra@ietf.org
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: multipart/alternative; boundary="_----------=_153205895218860160"
X-Mailer: MessagingEngine.com Webmail Interface - ajax-0843ff3e
Date: Fri, 20 Jul 2018 13:55:52 +1000
Archived-At: <https://mailarchive.ietf.org/arch/msg/extra/8t8CC8epyquboBBDPHDudqEjwTQ>
Subject: [Extra] client-id next steps - let's find them a home
X-BeenThere: extra@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: Email mailstore and eXtensions To Revise or Amend <extra.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/extra>, <mailto:extra-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/extra/>
List-Post: <mailto:extra@ietf.org>
List-Help: <mailto:extra-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/extra>, <mailto:extra-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Jul 2018 03:55:57 -0000

We discussed draft-yu-imap-client-id in today's meeting, and while we
came to the conclusion that it wasn't a document for the working group
to adopt, the problem it's trying to solve is something which the IETF
could help with.
Ned's comment in jabber that didn't make it into the discussion was
something like, it's a cookie, just one the client creates.  That's
pretty much it.  It's basically there are an input to the calculation
that every server has to make on every connection "how much do I believe
that this login is from who it says it's from", or at a more meta level
"how trustworthy is this connection and much do I want to obey its
requests".
At the most trivial level, that's what authentication is - the username
and password (or whatever) gives the server sufficient trust in the
other end of the connection that it allows access to (and maybe
modification of a subset of resources, correlated by the username used).
A general cookie-like "this is a device I have communicated with before"
as an additional input to the server's decision making would be welcomed
by services who see stolen passwords as a common fraud problem, so there
would definitely be appetite for this kind of work.
The open question really is "is this work better suited to a different
group and potentially a different area", and if so "can we help the
authors find that area".
Bron.

--
  Bron Gondwana, CEO, FastMail Pty Ltd
  brong@fastmailteam.com

v2.23.0 | Report a Bug | By Email