[Extra] client-id next steps - let's find them a home
Bron Gondwana <brong@fastmailteam.com> Fri, 20 July 2018 03:55 UTC
Return-Path: <brong@fastmailteam.com>
X-Original-To: extra@ietfa.amsl.com
Delivered-To: extra@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AF8B4130E78 for <extra@ietfa.amsl.com>; Thu, 19 Jul 2018 20:55:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fastmailteam.com header.b=jNzkpllg; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=vtSM07eY
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hcYbuUeM_UqA for <extra@ietfa.amsl.com>; Thu, 19 Jul 2018 20:55:53 -0700 (PDT)
Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A515D1277D2 for <extra@ietf.org>; Thu, 19 Jul 2018 20:55:53 -0700 (PDT)
Received: from compute6.internal (compute6.nyi.internal [10.202.2.46]) by mailout.nyi.internal (Postfix) with ESMTP id C967521B7F for <extra@ietf.org>; Thu, 19 Jul 2018 23:55:52 -0400 (EDT)
Received: from web1 ([10.202.2.211]) by compute6.internal (MEProxy); Thu, 19 Jul 2018 23:55:52 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= fastmailteam.com; h=content-transfer-encoding:content-type:date :from:message-id:mime-version:subject:to:x-me-sender:x-me-sender :x-sasl-enc; s=fm3; bh=9YbEx5WIvTO+ZfMeD/ms3u/w7Fy/Aw1oTEglj5pft GA=; b=jNzkpllg4crXtyBUV/ui7HbWlSCJK5BDuRQNcj8/38Htmi3YTz9KXeFdg if3ew/NKhZrZxGoyijY5VZMWP1va0Oi+F8tx3CBd3T0U7IJ1BVevLhuOTMT3CFi4 UdTmYiNVO9hlosDppikVWi0SIHysmxYvYI95C+/3GckMuzXPCnvKBhTfBhXbZyn1 yqX3Oxf0i87MRULirtYFw/K53VHQGYnxqpnhg4L+gTTUeDPV2ijq/gmly7HIwIwi RsJLW0pKIAtX7ztXmLyEJQsLHn8iFTMMfAhdUrsyc4ovyymZUruwR+SxMJ/o0LsU VtTcStPi8tAWSfo/iBAESzdjagjVQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:content-type :date:from:message-id:mime-version:subject:to:x-me-sender :x-me-sender:x-sasl-enc; s=fm3; bh=9YbEx5WIvTO+ZfMeD/ms3u/w7Fy/A w1oTEglj5pftGA=; b=vtSM07eYQ8UFXilOTP4dOveEgYnvdyTMw6IgkGtrf0jah 7O/LWFDSeAOt4Yy9fQqZ+/+Kn5RmYssHDr3WYxdEcDn0DVFL3Hu6LzAMMIIqOSqY vXVPeI+/5zadfTRF2YcCagJ/a74dQOHHWE9HEJ1he4fH/+B9D4C6F++DKvQFhegF rW2b2cyg4ZLuaRBZMkXxhWp49YPfwTeQ33PSgSqzBUMxJzM+W9cfT90jGf+vpybN FccaDynf+P0lMoYmUcity/julxd3YXtSbKhmBgPI6V933KExh6vC0xbjE3lstUis zKa1NmcWlT9PXrIzor2HJwazoKhF5ru1kdHrzGLEQ==
X-ME-Proxy: <xmx:SF1RW_MxmGPrJ6Vh1r84ijqUvkT6j3xAhm9FMSoy0VOE2ECuiO5YCg> <xmx:SF1RWxC2ZIL2wzwmkXD3rNlR8XPoEuNIHtrybLQ9q3Gz4DOBxX3F1w> <xmx:SF1RW2vE7oebt3Wp_3aLAHb3-NaQcwjk2Y_KdahOyqzTPwQqJqbdmQ> <xmx:SF1RW-3G9yx8-xtfywyqNAbj0Lpk_y4jMmoiFitK8Y2qwOGYW5x9lA> <xmx:SF1RW0n5mvO5DlXzrzCv_FL294uXOhN7axs9Rzi572uZlJamcGtjtw> <xmx:SF1RW9R7piEnonoHWhFWdOSwHpJMZ1kSfTiLMHBHWgiycUbqsa0wBw>
X-ME-Sender: <xms:SF1RW59EoKKo5Wo0Lnt0NFFrO-dfFBhBYtixygfm8-nN9IIz_pDFeQ>
Received: by mailuser.nyi.internal (Postfix, from userid 99) id 7026B940DA; Thu, 19 Jul 2018 23:55:52 -0400 (EDT)
Message-Id: <1532058952.1886016.1446876976.42C7FF3D@webmail.messagingengine.com>
From: Bron Gondwana <brong@fastmailteam.com>
To: extra@ietf.org
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: multipart/alternative; boundary="_----------=_153205895218860160"
X-Mailer: MessagingEngine.com Webmail Interface - ajax-0843ff3e
Date: Fri, 20 Jul 2018 13:55:52 +1000
Archived-At: <https://mailarchive.ietf.org/arch/msg/extra/8t8CC8epyquboBBDPHDudqEjwTQ>
Subject: [Extra] client-id next steps - let's find them a home
X-BeenThere: extra@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: Email mailstore and eXtensions To Revise or Amend <extra.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/extra>, <mailto:extra-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/extra/>
List-Post: <mailto:extra@ietf.org>
List-Help: <mailto:extra-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/extra>, <mailto:extra-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Jul 2018 03:55:57 -0000
We discussed draft-yu-imap-client-id in today's meeting, and while we came to the conclusion that it wasn't a document for the working group to adopt, the problem it's trying to solve is something which the IETF could help with. Ned's comment in jabber that didn't make it into the discussion was something like, it's a cookie, just one the client creates. That's pretty much it. It's basically there are an input to the calculation that every server has to make on every connection "how much do I believe that this login is from who it says it's from", or at a more meta level "how trustworthy is this connection and much do I want to obey its requests". At the most trivial level, that's what authentication is - the username and password (or whatever) gives the server sufficient trust in the other end of the connection that it allows access to (and maybe modification of a subset of resources, correlated by the username used). A general cookie-like "this is a device I have communicated with before" as an additional input to the server's decision making would be welcomed by services who see stolen passwords as a common fraud problem, so there would definitely be appetite for this kind of work. The open question really is "is this work better suited to a different group and potentially a different area", and if so "can we help the authors find that area". Bron. -- Bron Gondwana, CEO, FastMail Pty Ltd brong@fastmailteam.com
- [Extra] client-id next steps - let's find them a … Bron Gondwana
- Re: [Extra] client-id next steps - let's find the… Ned Freed
- Re: [Extra] client-id next steps - let's find the… Chris Newman
- Re: [Extra] client-id next steps - let's find the… Timo Sirainen
- Re: [Extra] client-id next steps - client-id vs e… Michael Peddemors
- Re: [Extra] client-id next steps - let's find the… Bron Gondwana
- Re: [Extra] client-id next steps - client-id vs e… Bron Gondwana
- Re: [Extra] client-id next steps - let's find the… John Levine
- Re: [Extra] client-id next steps - client-id vs e… Chris Newman
- Re: [Extra] client-id next steps - let's find the… Chris Newman
- Re: [Extra] client-id next steps - let's find the… Ned Freed
- Re: [Extra] client-id next steps - client-id vs e… Timo Sirainen
- Re: [Extra] client-id next steps - client-id vs e… Ned Freed
- Re: [Extra] client-id next steps - client-id vs e… John Levine
- Re: [Extra] client-id next steps - client-id vs e… Timo Sirainen
- Re: [Extra] client-id next steps - client-id vs e… Alexey Melnikov
- Re: [Extra] client-id next steps - client-id vs e… Timo Sirainen
- Re: [Extra] client-id next steps - client-id vs e… Michael Peddemors
- Re: [Extra] client-id next steps - client-id vs e… John R Levine
- Re: [Extra] client-id next steps - client-id vs e… Ned Freed
- Re: [Extra] client-id next steps - client-id vs e… Timo Sirainen
- Re: [Extra] client-id next steps - client-id vs e… John R Levine
- Re: [Extra] client-id next steps - client-id vs e… Ned Freed
- Re: [Extra] client-id next steps - client-id vs e… Ned Freed
- Re: [Extra] client-id next steps - client-id vs e… Timo Sirainen
- Re: [Extra] client-id next steps - client-id vs e… John R Levine
- Re: [Extra] client-id next steps - client-id vs e… Ned Freed
- Re: [Extra] client-id next steps - client-id vs e… Michael
- Re: [Extra] client-id next steps Michael Peddemors