Re: [Geopriv] The 's' in HELD
"Thomson, Martin" <Martin.Thomson@andrew.com> Wed, 30 April 2008 23:23 UTC
Return-Path: <geopriv-bounces@ietf.org>
X-Original-To: geopriv-archive@megatron.ietf.org
Delivered-To: ietfarch-geopriv-archive@core3.amsl.com
Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id ED4E43A6A6C; Wed, 30 Apr 2008 16:23:12 -0700 (PDT)
X-Original-To: geopriv@core3.amsl.com
Delivered-To: geopriv@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7BBEC3A6A6C for <geopriv@core3.amsl.com>; Wed, 30 Apr 2008 16:23:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.703
X-Spam-Level:
X-Spam-Status: No, score=-2.703 tagged_above=-999 required=5 tests=[AWL=0.500, BAYES_00=-2.599, GB_I_LETTER=-2, MIME_QP_LONG_LINE=1.396]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pyJ7DqhR60Rx for <geopriv@core3.amsl.com>; Wed, 30 Apr 2008 16:23:10 -0700 (PDT)
Received: from andrew.com (smtp3.andrew.com [198.135.207.235]) by core3.amsl.com (Postfix) with ESMTP id 415D23A6D94 for <geopriv@ietf.org>; Wed, 30 Apr 2008 16:23:10 -0700 (PDT)
X-SEF-Processed: 5_0_0_910__2008_04_30_18_36_55
X-SEF-16EBA1E9-99E8-4E1D-A1CA-4971F5510AF: 1
Received: from aopexbh2.andrew.com [10.86.20.25] by smtp3.andrew.com - SurfControl E-mail Filter (5.2.1); Wed, 30 Apr 2008 18:36:55 -0500
Received: from AHQEX1.andrew.com ([10.86.20.21]) by aopexbh2.andrew.com with Microsoft SMTPSVC(6.0.3790.3959); Wed, 30 Apr 2008 18:23:10 -0500
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Date: Wed, 30 Apr 2008 18:23:06 -0500
Message-ID: <E51D5B15BFDEFD448F90BDD17D41CFF1044688A6@AHQEX1.andrew.com>
In-Reply-To: <4818C81F.6070608@bbn.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [Geopriv] The 's' in HELD
Thread-Index: Aciq+EDPbWRAH16BSFubIfi8OEJsAAAHafww
References: <E51D5B15BFDEFD448F90BDD17D41CFF10441BD76@AHQEX1.andrew.com> <4818B2F8.6090506@bbn.com> <4818C1D8.50005@bbn.com> <F66D7286825402429571678A16C2F5EE0337A7FB@zrc2hxm1.corp.nortel.com> <4818C81F.6070608@bbn.com>
From: "Thomson, Martin" <Martin.Thomson@andrew.com>
To: Richard Barnes <rbarnes@bbn.com>, Mary Barnes <mary.barnes@nortel.com>
X-OriginalArrivalTime: 30 Apr 2008 23:23:10.0773 (UTC) FILETIME=[27A53650:01C8AB19]
Cc: GEOPRIV <geopriv@ietf.org>
Subject: Re: [Geopriv] The 's' in HELD
X-BeenThere: geopriv@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Geographic Location/Privacy <geopriv.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/geopriv>, <mailto:geopriv-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:geopriv@ietf.org>
List-Help: <mailto:geopriv-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/geopriv>, <mailto:geopriv-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: geopriv-bounces@ietf.org
Errors-To: geopriv-bounces@ietf.org
Thanks all for the explanation, but that was all I was looking for. Speaking about the proposed; I like the concept. Flexibility and such a small change... I do wonder whether there is any potential for interoperability problems if the same URI is used for both TLS and unadorned TCP sessions. If there's no real problem with mixing the two, then I'm all for the change; otherwise, let's leave be and leave implementations to agree (amoungst themselves) to use TLS_NULL_WITH_NULL_NULL if they want to. Cheers, Martin p.s. The 's' smells bad, but I can live with worse (c.f. emergencyRouting/emergencyDispatch). > -----Original Message----- > From: Richard Barnes [mailto:rbarnes@bbn.com] > Sent: Thursday, 1 May 2008 5:27 AM > To: Mary Barnes > Cc: Thomson, Martin; GEOPRIV; Eric Rescorla > Subject: Re: [Geopriv] The 's' in HELD > > Sure, that's fine with me. As long as both options are supported. > --RB > > > Mary Barnes wrote: > > Richard, > > > > I see your point, however, wouldn't we then want to define both > "held:" > > and "helds:"? That's been the approach of other protocols that I'm > aware > > of (e.g., SIP, MSRP, etc.). > > > > Mary. > > > > -----Original Message----- > > From: Richard Barnes [mailto:rbarnes@bbn.com] > > Sent: Wednesday, April 30, 2008 2:01 PM > > To: Thomson, Martin > > Cc: GEOPRIV; Barnes, Mary (RICH2:AR00) > > Subject: Re: [Geopriv] The 's' in HELD > > > > I've gotten a note off-list that indicates a need to clarify this > > comment: > > > > My impression is that the document as it is does not require TLS be > > *used* on every transaction (which is the implication that led to > > HELDS), just that it be *available* for every transaction. I think > the > > confusion is founded in the below text from Section 9: > > > > The implementation of HTTP as a transport mechanism MUST > implement > > TLS as described in [RFC2818]. TLS provides message integrity > and > > privacy between Device and LIS. The LIS MUST use the server > > authentication method described in [RFC2818]; the Device MUST > fail a > > request if server authentication fails, except in the event of an > > emergency. > > > > You can read that paragraph in either way (implement/use): The first > > sentence says that TLS is a "MUST implement" (not a "MUST use"), but > the > > third sentence implies that the server MUST use TLS to authenticate. > > > > There's no mandate for TLS to be used in the security considerations, > > only supported by implementations. The mandates in the security > > considerations are in the form "IF you want this security property, > THEN > > use TLS", the usual MO in IETF docs. > > > > Am I understanding the document correctly, or is there some other > > section that specifies that TLS MUST be used on every transaction. > > > > If TLS is not required, then here are some proposed (minor) changes: > > 1. Add "When TLS is used, ..." to the third sentence in the above > > paragraph, in order to clarify that the requirement is not absolute. > > 2. Change the "HELDS" URI scheme back to "HELD" > > > > --Richard > > > > > > > > > > > > > > > > Richard Barnes wrote: > >> Is TLS really used for every HELD transaction, as opposed to being > >> available for every transaction? This seems to be a deviation from > >> the normal pattern for Internet protocols to have a base protocol > >> without TLS and an (mandatory) option to use TLS as desired. More > >> importantly, it seems like TLS might be undesirable in some > >> circumstances, e.g., emergency calling. > >> > >> Is there a reason for this extra-strong requirement? > >> > >> --RB > >> > >> > >> > >> Thomson, Martin wrote: > >>> I missed this in the changes for -06. Please forgive my ignorance, > >>> but I wasn't there at -71 and it appears that only the conclusion > was > > > >>> captured, not the rationale. The minutes focus on whether there > >>> should be a URI scheme or not, but make what seems (to me) to be a > >>> logical > >>> leap: > >>> > >>> Question: Does this HELD: scheme require TLS? Ans: Yes. > >>> Then it needs > >>> to be a HELDS: scheme. > >>> > >>> I don't believe that the letter 's' addresses "concerns over > >>> referential integrity" as stated by the held-06 change-log. So can > >>> anyone justify the above statement? Is there some IETF guideline I > >>> don't know of that states that URI schemes for protocols that use > TLS > > have an extra 's'? > >>> Cheers, > >>> Martin > >>> > >>> ------------------------------------------------------------------- > -- > >>> --------------------------- This message is for the designated > >>> recipient only and may contain privileged, proprietary, or > otherwise > >>> private information. > >>> If you have received it in error, please notify the sender > >>> immediately and delete the original. Any unauthorized use of this > >>> email is prohibited. > >>> ------------------------------------------------------------------- > -- > >>> --------------------------- > >>> [mf2] > >>> > >>> _______________________________________________ > >>> Geopriv mailing list > >>> Geopriv@ietf.org > >>> https://www.ietf.org/mailman/listinfo/geopriv > >>> > >>> > >> _______________________________________________ > >> Geopriv mailing list > >> Geopriv@ietf.org > >> https://www.ietf.org/mailman/listinfo/geopriv > >> > >> > > > > > > ------------------------------------------------------------------------------------------------ This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any unauthorized use of this email is prohibited. ------------------------------------------------------------------------------------------------ [mf2] _______________________________________________ Geopriv mailing list Geopriv@ietf.org https://www.ietf.org/mailman/listinfo/geopriv
- [Geopriv] The 's' in HELD Thomson, Martin
- Re: [Geopriv] The 's' in HELD Eric Rescorla
- Re: [Geopriv] The 's' in HELD Randall Gellens
- Re: [Geopriv] The 's' in HELD Richard Barnes
- Re: [Geopriv] The 's' in HELD Richard Barnes
- Re: [Geopriv] The 's' in HELD Mary Barnes
- Re: [Geopriv] The 's' in HELD Richard Barnes
- Re: [Geopriv] The 's' in HELD Thomson, Martin
- Re: [Geopriv] The 's' in HELD Tim Thome
- Re: [Geopriv] The 's' in HELD Winterbottom, James