Re: [Gen-art] Genart last call review of draft-ietf-httpbis-origin-frame-04
Brian E Carpenter <brian.e.carpenter@gmail.com> Tue, 28 November 2017 03:59 UTC
Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 641FF129423 for <gen-art@ietfa.amsl.com>; Mon, 27 Nov 2017 19:59:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bGWhayWtu5Dg for <gen-art@ietfa.amsl.com>; Mon, 27 Nov 2017 19:59:04 -0800 (PST)
Received: from mail-pf0-x234.google.com (mail-pf0-x234.google.com [IPv6:2607:f8b0:400e:c00::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9F6331200F1 for <gen-art@ietf.org>; Mon, 27 Nov 2017 19:59:04 -0800 (PST)
Received: by mail-pf0-x234.google.com with SMTP id a84so18398639pfl.0 for <gen-art@ietf.org>; Mon, 27 Nov 2017 19:59:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:organization:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=GflgL6hdWgoYhjSamfHEa8NDG8G2wYeI0tgKc9dlrqc=; b=jKEdOJ/F9oPuVHBw9RcfK233nRNY2OPECjBMlYZwMS5ULEBxwpOcmRI4hrpCZI+LB7 PsvAVkURKsLtXBPUzLdSlfVHY0eofl3w56gv/MyMg8Kp+fLd30jsOLgSY2vW0r2qg1GV 6G1y1cRni+Zgm+03PNrmykaONQtT6qrC3qzA/CfnEVjlYCNhGjc4h7LkqSO55ncyA0It wFdt7GAfzwaDcnHrFcnxGmNOgALScjPXiSh+GGeog7kImKBRWnvRoYg9KtwYt037RyG/ BRb8jhgMUeZgO18+R0m+CrTqQjGbau+ZMMBhh7Fpfrwms9qTipreu+CL4MC03hh0PnyU FoyQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:organization :message-id:date:user-agent:mime-version:in-reply-to :content-language:content-transfer-encoding; bh=GflgL6hdWgoYhjSamfHEa8NDG8G2wYeI0tgKc9dlrqc=; b=kpJqX/j1wx7LWQVth+pr1m+ETWFKROvetDXA64XnVke6tpx4qgxyTM0y7luWUkzGjR g2cOGhm/0/l56CvUjxT9xTrxRax1oAAKAcHkSnL6LE1D/koPUM7ts0pmSupPaZK/HTZX BtRH5lNDKR5aaaZkhc6/jcZi5v/n2Ynqt35/DF/xbSvvUOwB1RvF4px0iFwSx3yODU4I /dELlT6vCw9CwntXNEWmohZbyHC+qQMPef0n3Kd+udQPFS7zrh7NLoGl/AM3hP6OGWHe VAJq+sWwWI1Dfp8ARe00LACOt6UtOWJTlgGRW5eeku1ZLGfmWJnKEKU7g66qxVOd/i2V XQXA==
X-Gm-Message-State: AJaThX5j8B+B4EB8xVxGGixZf9V5DwoxeGL+FFB7iud06CIvTJo6b9xB nT65RWK/7J/mpOQW6x0MYGwlkw==
X-Google-Smtp-Source: AGs4zMYO/V0HKizYQ4ROe9ibpRWnt9yuXNIpXqD6jjeRFaXgEG2myg5c8dJ17iQjLMcC131RFGMuQg==
X-Received: by 10.101.96.74 with SMTP id b10mr38533398pgv.155.1511841544093; Mon, 27 Nov 2017 19:59:04 -0800 (PST)
Received: from ?IPv6:2406:e007:6f17:1:28cc:dc4c:9703:6781? ([2406:e007:6f17:1:28cc:dc4c:9703:6781]) by smtp.gmail.com with ESMTPSA id j17sm24813990pgv.40.2017.11.27.19.59.01 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 27 Nov 2017 19:59:03 -0800 (PST)
To: Mark Nottingham <mnot@mnot.net>
Cc: gen-art@ietf.org, HTTP Working Group <ietf-http-wg@w3.org>
References: <151166787103.16046.10259096251205147245@ietfa.amsl.com> <E3172984-2411-4AB0-B53D-8DC4800B51AA@mnot.net> <7c23613c-8c8e-6218-ba9f-f0bd1aea6e9c@gmail.com> <E6E0B76A-D70C-4E6A-80B3-F8ED613C274E@mnot.net>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
Message-ID: <c93ac04c-f2c9-aea5-5224-9656eeb63571@gmail.com>
Date: Tue, 28 Nov 2017 16:59:01 +1300
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0
MIME-Version: 1.0
In-Reply-To: <E6E0B76A-D70C-4E6A-80B3-F8ED613C274E@mnot.net>
Content-Type: text/plain; charset="utf-8"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/gen-art/6dssRtQN3FDHXQLofuiwd2jMv-E>
Subject: Re: [Gen-art] Genart last call review of draft-ietf-httpbis-origin-frame-04
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Nov 2017 03:59:06 -0000
Works for me. Brian On 28/11/2017 13:33, Mark Nottingham wrote: > Thanks again. Please see: > https://github.com/httpwg/http-extensions/commit/871a80d12aa > > >> On 27 Nov 2017, at 1:05 pm, Brian E Carpenter <brian.e.carpenter@gmail.com> wrote: >> >> Hi Mark, >> >> On 27/11/2017 12:38, Mark Nottingham wrote: >>> Hi Brian, >>> >>> Thanks for the review. Responses below. >>> >>>> On 26 Nov 2017, at 2:44 pm, Brian Carpenter <brian.e.carpenter@gmail.com> wrote: >>> [...] >>>> Minor Issues: >>>> ------------- >>>> >>>>> 2.1. Syntax >>>> ... >>>>> Origin: An OPTIONAL sequence of characters ... that the >>>>> sender believes this connection is or could be authoritative for. >>>> >>>> So, that implies that all data in the ORIGIN frame might be false. >>>> Doesn't that deserve a bit of a health warning at the beginning of the >>>> Security Considerations? >>> >>> The first paragraph of SC is already: >>> >>> """ >>> Clients that blindly trust the ORIGIN frame's contents will be >>> vulnerable to a large number of attacks. See Section 2.4 for mitigations. >>> """ >>> >>> What would you suggest? >>> >>>> Also, using the word "believes" of a server >>>> is strange. How would the server acquire uncertain knowledge in the >>>> first place, and what algorithm would decide what it "believes"? >>> >>> This is to emphasise that ORIGIN is advisory only -- it does not constitute proof (crypto does that). >> >> Right. But I think it's the anthropomorphic choice of word that triggered me. If you said "that the sender asserts this connection is or could be authoritative for" I think I'd have nothing further to say, since it's clearly an assertion that needs to be checked. >> >>> >>>> Appendix A doesn't show any sign of a client checking whether an >>>> Origin-Entry is real. >>> >>> As per Section 2.4, it isn't checked when the origin set is created or updated; it's checked when the value is used. >> >> OK >> >>> >>> >>>>> 2.3. The Origin Set >>>> ... >>>>> o Host: the value sent in Server Name Indication (SNI, [RFC6066] >>>>> Section 3), converted to lower case >>>> >>>> In that reference: >>>> >>>>>> Literal IPv4 and IPv6 addresses are not permitted in "HostName". >>>> >>>> Is that an intended or unintended restriction for the ORIGIN frame? >>>> In any case it should probably be mentioned explicitly to avoid confusion. >>>> (If IPv6 literals were allowed, they might be very convenient for server >>>> load balancing. But RFC6066 excludes that.) >>> >>> Good catch. I don't think there's cause for confusion here (the text there isn't about what can go on the wire), but there is a corner case we haven't covered (when a client that supports SNI omits it because it's an IP literal). >>> >>> My inclination there is to say that the host is the SNI value or the server IP if SNI is missing; what do people think? >> >>> From this reviewer's peanut gallery seat, that makes sense. >> >> Brian >> >>> >>> Cheers, >>> >>> -- >>> Mark Nottingham https://www.mnot.net/ >>> >>> > > -- > Mark Nottingham https://www.mnot.net/ > >
- [Gen-art] Genart last call review of draft-ietf-h… Brian Carpenter
- Re: [Gen-art] Genart last call review of draft-ie… Mark Nottingham
- Re: [Gen-art] Genart last call review of draft-ie… Brian E Carpenter
- Re: [Gen-art] Genart last call review of draft-ie… Mark Nottingham
- Re: [Gen-art] Genart last call review of draft-ie… Brian E Carpenter
- Re: [Gen-art] Genart last call review of draft-ie… Alissa Cooper