Re: [http-auth] [Mutual] (due Aug 28) Mutual auth issues (part 1)
Yutaka OIWA <y.oiwa@aist.go.jp> Fri, 04 September 2015 07:48 UTC
Return-Path: <y.oiwa@aist.go.jp>
X-Original-To: http-auth@ietfa.amsl.com
Delivered-To: http-auth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 054811A007A for <http-auth@ietfa.amsl.com>; Fri, 4 Sep 2015 00:48:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aZD0-wW5yL_J for <http-auth@ietfa.amsl.com>; Fri, 4 Sep 2015 00:48:29 -0700 (PDT)
Received: from APC01-PU1-obe.outbound.protection.outlook.com (mail-pu1apc01on0086.outbound.protection.outlook.com [104.47.126.86]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 48D121A890F for <http-auth@ietf.org>; Fri, 4 Sep 2015 00:48:28 -0700 (PDT)
Received: from OS1PR01MB0200.jpnprd01.prod.outlook.com (10.161.230.139) by OS1PR01MB0200.jpnprd01.prod.outlook.com (10.161.230.139) with Microsoft SMTP Server (TLS) id 15.1.256.15; Fri, 4 Sep 2015 07:48:24 +0000
Received: from OS1PR01MB0200.jpnprd01.prod.outlook.com ([10.161.230.139]) by OS1PR01MB0200.jpnprd01.prod.outlook.com ([10.161.230.139]) with mapi id 15.01.0256.013; Fri, 4 Sep 2015 07:48:24 +0000
From: Yutaka OIWA <y.oiwa@aist.go.jp>
To: "http-auth@ietf.org" <http-auth@ietf.org>
Thread-Topic: [Mutual] (due Aug 28) Mutual auth issues (part 1)
Thread-Index: AdDVbU8S0YCBqDw+RAOYwINxg2v0vgReEUow
Date: Fri, 04 Sep 2015 07:48:24 +0000
Message-ID: <OS1PR01MB02008915DD12C0BABB6CDC26A0570@OS1PR01MB0200.jpnprd01.prod.outlook.com>
Accept-Language: ja-JP, en-US
Content-Language: ja-JP
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=y.oiwa@aist.go.jp;
x-originating-ip: [150.29.157.135]
x-microsoft-exchange-diagnostics: 1; OS1PR01MB0200; 5:8JD2DCgAQxnntjYYJWhkFgdxqNKnXlrfcOBViupiAi5n943neDKYxynSSQai4OOVcMj5MYGKx9MKQayLYPS4GxnWxEKbTrdGfr+yebbu1L9mtS+HpgUIwNTd6IBT//HFO/BWxSbaEZC7PXpmUl/CpA==; 24:IdbpB34RvKNP3OZGCfqa6G+G31gmKDFLZ7NY96N+3aHHcQMCNIYBkaYXun2RpQx79+GG9ohk/udUQaiE9V6cz158ENMIY497MOYIoiZ6Afs=; 20:gKDML5AgrjK17ILlMBowK4LREGYOzGII32sXVeY2yfwOJRGtWCFPVcK0+WQArWM4s56QC2GqihfmmI7wbUMddw==
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:OS1PR01MB0200;
x-microsoft-antispam-prvs: <OS1PR01MB0200A1D6E7BCB56B636909ADA0570@OS1PR01MB0200.jpnprd01.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:;
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(5005006)(8121501046)(3002001); SRVR:OS1PR01MB0200; BCL:0; PCL:0; RULEID:; SRVR:OS1PR01MB0200;
x-forefront-prvs: 06891E23FB
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(6009001)(13464003)(199003)(377454003)(189002)(45984002)(43784003)(77156002)(77096005)(62966003)(54356999)(81156007)(66066001)(15975445007)(102836002)(50986999)(105586002)(33656002)(4001540100001)(74482002)(106356001)(46102003)(2351001)(64706001)(40100003)(68736005)(76576001)(101416001)(450100001)(86362001)(10400500002)(2900100001)(19580405001)(87936001)(189998001)(74316001)(5001860100001)(5007970100001)(5001830100001)(5001920100001)(2501003)(19580395003)(5003600100002)(5001960100002)(122556002)(5002640100001)(110136002)(107886002)(97736004)(5004730100002)(92566002)(4001430100001); DIR:OUT; SFP:1101; SCL:1; SRVR:OS1PR01MB0200; H:OS1PR01MB0200.jpnprd01.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: aist.go.jp does not designate permitted sender hosts)
spamdiagnosticoutput: 1:23
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: aist.go.jp
X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Sep 2015 07:48:24.5986 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 18a7fec8-652f-409b-8369-272d9ce80620
X-MS-Exchange-Transport-CrossTenantHeadersStamped: OS1PR01MB0200
Archived-At: <http://mailarchive.ietf.org/arch/msg/http-auth/JLP8bPONzrfQlQTQcwpU8Hstohs>
Cc: Mutual auth contact <mutual-auth-contact-ml@aist.go.jp>
Subject: Re: [http-auth] [Mutual] (due Aug 28) Mutual auth issues (part 1)
X-BeenThere: http-auth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: HTTP authentication methods <http-auth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/http-auth>, <mailto:http-auth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/http-auth/>
List-Post: <mailto:http-auth@ietf.org>
List-Help: <mailto:http-auth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/http-auth>, <mailto:http-auth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Sep 2015 07:48:32 -0000
Dear HTTP-AUTH WG attendees,
Thank you very much for your comments.
Regarding the parameter names,
* I'd like to rename "auth-domain" to "auth-scope", as
It seems to be clearer.
* I'd like to keep "path" parameter as is now, because
- the term "domain" gives unintended feeling of its relation with domain names,
- unlike "domain" parameter in Digest, it accepts the
in-domain path names only
(full-URL style pathes with domain names are not accepted).
I'll go with the second set of issues sooner.
Thanks again,
Yutaka
--
Yutaka OIWA, Ph.D. Cyber Physical Architecture Research Group
Information Technology Research Institute
National Institute of Advanced Industrial Science and Technology (AIST)
Mail addresses: <y.oiwa@aist.go.jp>, <yutaka@oiwa.jp>
OpenPGP: id[440546B5] fp[7C9F 723A 7559 3246 229D 3139 8677 9BD2 4405 46B5]
> -----Original Message-----
> From: Yutaka OIWA
> Sent: Thursday, August 13, 2015 11:17 AM
> To: 'http-auth@ietf.org' <http-auth@ietf.org>
> Cc: 'mutual-auth-contact-ml@aist.go.jp' <mutual-auth-contact-ml@aist.go.jp>
> Subject: [Mutual] (due Aug 28) Mutual auth issues (part 1)
>
> Dear all HTTPAUTH WG members,
>
> I'd like to have your comments on the following three issues.
> Please make your initial response *before August 28*, or the WG will consider
> these issues as successfully resolved (as the WG Chair said in the Prague
> meeting.)
>
> We appreciate your responses in any of the following form:
> * on the github issue tracking system (comments, pull-request etc.)
> * on this mailing list
> * on the private email
> We'll summarize comments on the medium above, and send it to this mailing list.
> (Please be understood that your comments on the private email may be included
> in the summary and published.)
>
>
> ==== draft-ietf-httpauth-mutual ====
>
> = Section 3.1 =
>
> [P1] Is adoption of RFC5987 OK?
> https://github.com/yoiwa/httpauth-mutual/issues/1
>
> [P2] The encoding is fixed to UTF-8, without any language.
> (justification: it is not an on-line negotiable parameter,
> and the new protocol does not need to consider older
> clients.)
> https://github.com/yoiwa/httpauth-mutual/issues/2
>
> = Section 4: Messages =
>
> [P3] Are the reserved parameter names making sense?
> https://github.com/yoiwa/httpauth-mutual/issues/3
>
>
> Thank you for your cooperation.
>
> --
> Yutaka OIWA, Ph.D. Cyber Physical Architecture Research Group
> Information Technology Research Institute
> National Institute of Advanced Industrial Science and Technology (AIST)
> Mail addresses: <y.oiwa@aist.go.jp>, <yutaka@oiwa.jp>
> OpenPGP: id[440546B5] fp[7C9F 723A 7559 3246 229D 3139 8677 9BD2 4405 46B5]
- [http-auth] [Mutual] (due Aug 28) Mutual auth iss… Yutaka OIWA
- Re: [http-auth] [Mutual] (due Aug 28) Mutual auth… Sophie Bremer
- Re: [http-auth] [Mutual] (due Aug 28) Mutual auth… Alexey Melnikov
- Re: [http-auth] [Mutual] (due Aug 28) Mutual auth… Yutaka OIWA