Re: [http-auth] RFC5987bis, was: WGLC on the MutualAuth drafts

大岩寛 <y.oiwa@aist.go.jp> Mon, 11 July 2016 07:08 UTC

Return-Path: <y.oiwa@aist.go.jp>
X-Original-To: http-auth@ietfa.amsl.com
Delivered-To: http-auth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 56C4B12B00A for <http-auth@ietfa.amsl.com>; Mon, 11 Jul 2016 00:08:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.002
X-Spam-Level:
X-Spam-Status: No, score=-2.002 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=aist.go.jp
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mzF6JjrN1043 for <http-auth@ietfa.amsl.com>; Mon, 11 Jul 2016 00:08:20 -0700 (PDT)
Received: from JPN01-OS2-obe.outbound.protection.outlook.com (mail-os2jpn01on0054.outbound.protection.outlook.com [104.47.92.54]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6350112D0AA for <http-auth@ietf.org>; Mon, 11 Jul 2016 00:08:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=aist.go.jp; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=Amw9uF0OnIIcCOMdxjeIeanUYaNXidIIl1fAuhwM/Lk=; b=CcFXbdkHU9JrI56r3/gSpHXTAMnxiTL+sBLl8aEJZgExjEc74v8G2LNhsNQtyKWmLSGgWYTZlj53pfOSrlQCgvAqWgJRvsupc2Im5bvGZpLyh7Clb/g2yZYSVya7fd2ueoUTSeD8eWyaTQdrzC+35iz/WGUxUL9DLglqd/8lwIY=
Received: from TY1PR01MB0588.jpnprd01.prod.outlook.com (10.167.157.18) by TY1PR01MB0588.jpnprd01.prod.outlook.com (10.167.157.18) with Microsoft SMTP Server (TLS) id 15.1.534.14; Mon, 11 Jul 2016 07:08:15 +0000
Received: from TY1PR01MB0588.jpnprd01.prod.outlook.com ([10.167.157.18]) by TY1PR01MB0588.jpnprd01.prod.outlook.com ([10.167.157.18]) with mapi id 15.01.0534.022; Mon, 11 Jul 2016 07:08:15 +0000
From: =?iso-2022-jp?B?GyRCQmc0ZDQyGyhC?= <y.oiwa@aist.go.jp>
To: Yoav Nir <ynir.ietf@gmail.com>, Julian Reschke <julian.reschke@gmx.de>
Thread-Topic: [http-auth] RFC5987bis, was: WGLC on the MutualAuth drafts
Thread-Index: AQHR2c114iqMQDfWkUqIswHWOv6VvqASvaiAgAAQ/zA=
Date: Mon, 11 Jul 2016 07:08:15 +0000
Message-ID: <TY1PR01MB058802811AEFE372C5614CB9A03F0@TY1PR01MB0588.jpnprd01.prod.outlook.com>
References: <2DBE893A-434D-4B67-BF12-AEFBDE7A23B7@gmail.com> <32b9df1f-b61d-405e-d935-5d964d9acbb6@gmx.de> <77f07eac-2a52-17e4-38f6-e1d4aac4c7af@gmx.de> <8CF0FBC6-3417-4CAE-993D-07E9CA1A912E@gmail.com>
In-Reply-To: <8CF0FBC6-3417-4CAE-993D-07E9CA1A912E@gmail.com>
Accept-Language: ja-JP, en-US
Content-Language: ja-JP
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=y.oiwa@aist.go.jp;
x-originating-ip: [150.29.149.183]
x-ms-office365-filtering-correlation-id: bc6bdcd8-f84e-4e40-1ed4-08d3a95a2142
x-microsoft-exchange-diagnostics: 1; TY1PR01MB0588; 6:nYnqgDtx/UomvRfjYIaDU+SVDqWR3P9ZYJ8RCn48ZCSKIxGoy4isfU5u7Lefq7uxmXm/tlB8/Pz1LC2YSbFADHiz5tC0CShWSEnTN030n1Kk8fjcVIoNkUTfL6Xk2ldELlWZG76HpvJf2ZmQ3h9Wrluh+iaF5o6hzuRMJngxvuk2UNKRwjj8kAoW/sBrxFQPiNkMdmExHi9JaR2QiKozGYsuh2R//2l4A85JJwsv7peEfJJ0fmCzsgeAzi9K2scUnvoEmVwWJ5X5XbemlRPF0/sQmf6VMZzIhAJ2n4wASB1ZP8h1oOkdNcRKEoLV70PC0+4m1/S+NShLDcNbgb4NyQ==; 5:rePNM+SZuPmrAzcUV14Vaq8DRM5duR+Em2dK3+v+2kvyQNWIV3coZ05qPEHLoE8z81lOOrAHDQ1Qtorf41+gpnlXJPw29WgioxWSI3HJh6x7d4wjKSE/l3UegZXGg36uVzq1F+Dx9BkEhqcmvPyC6Q==; 24:ht2W1Iuh0PH5DL3Nlp/rkg3F+JlRnDshgBiU0up1TM8Gf1P55WlBIvMvtX2DvwnONIS50+lBIOiJFevVwVrUwvjgdRXDwwDAAB3nimcSCNg=; 7:yKGN7ecjycmtpmH5YccjNNUX/qCjwSFR3BX9xKvvMe7Iqu2jVUHZR/PgVJA9zqQNnJylcptazRWAc/oPfHobtqsyKasec2GL4fKgXbpcs5UUAt+W1oPNxZk8Vq00D2adyz43E3bKkvuRgvvg1rGjD2q1bke1hMYRQOwiQ8Z0iGpMZl1tHe+IcZAh53IwAq7jhWu33qocS1ECL3+hZOB+00p1m1CFnair3nhW7JE5t1ZONe8ZFETj5TzV3WNC5Wll
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:TY1PR01MB0588;
x-microsoft-antispam-prvs: <TY1PR01MB05888A2C95C6B788FFACD784A03F0@TY1PR01MB0588.jpnprd01.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(26323138287068);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(2401047)(8121501046)(5005006)(10201501046)(3002001)(6055026); SRVR:TY1PR01MB0588; BCL:0; PCL:0; RULEID:; SRVR:TY1PR01MB0588;
x-forefront-prvs: 00003DBFE7
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(6009001)(7916002)(13464003)(199003)(69234005)(189002)(377454003)(24454002)(377424004)(68736007)(9686002)(8676002)(8666005)(74482002)(3280700002)(15975445007)(66066001)(11100500001)(3660700001)(8936002)(189998001)(305945005)(2950100001)(2900100001)(77096005)(85182001)(76576001)(76176999)(87936001)(54356999)(81156014)(81166006)(19580395003)(19580405001)(74316002)(4326007)(92566002)(586003)(33656002)(50986999)(93886004)(2906002)(10400500002)(7696003)(7846002)(122556002)(7736002)(97736004)(5001770100001)(5003600100003)(86362001)(105586002)(106116001)(101416001)(6116002)(102836003)(3846002)(106356001)(5002640100001)(7059030)(19627235001); DIR:OUT; SFP:1101; SCL:1; SRVR:TY1PR01MB0588; H:TY1PR01MB0588.jpnprd01.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: aist.go.jp does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="iso-2022-jp"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: aist.go.jp
X-MS-Exchange-CrossTenant-originalarrivaltime: 11 Jul 2016 07:08:15.8192 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 18a7fec8-652f-409b-8369-272d9ce80620
X-MS-Exchange-Transport-CrossTenantHeadersStamped: TY1PR01MB0588
Archived-At: <https://mailarchive.ietf.org/arch/msg/http-auth/SGaLQnK96k7GtD2MqLO2TBKbDLU>
Cc: httpauth mailing list <http-auth@ietf.org>
Subject: Re: [http-auth] RFC5987bis, was: WGLC on the MutualAuth drafts
X-BeenThere: http-auth@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: HTTP authentication methods <http-auth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/http-auth>, <mailto:http-auth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/http-auth/>
List-Post: <mailto:http-auth@ietf.org>
List-Help: <mailto:http-auth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/http-auth>, <mailto:http-auth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Jul 2016 07:08:22 -0000

Dear Yoav and Julian,

I just took a quick observation of the diff URL, and
it seems to be mostly fine to go forward.

Dear Julian,

The current text in Section 3.2.1 and 4 is really fine for me.
If the changes (Appendix C) goes to the final text,
I prefer

  Do not attempt to define a generic parameter ABNF; just concentrate	
  on the parameter value syntax.

to be changed something like below,

  Do not define a parameter ABNF in a generic way;  It is clarified that
  the formal syntax should be defined in each document referring to this document.

so that the relation between the generic convention and the referring
document is clearer.
"Concentrate on the parameter value" is unclear for the people
who does not share the background reason not defining the key syntax as ABNF.
They can be misleaded to the understanding that we're throwing
the star-convention away, too.
Maybe the background reason can be expressed somewhere as an informative, 
explanatory text.

-- 
Yutaka OIWA, Ph.D.       Leader, Cyber Physical Architecture Research Group
                                  Information Technology Research Institute
    National Institute of Advanced Industrial Science and Technology (AIST)
                      Mail addresses: <y.oiwa@aist.go.jp>jp>, <yutaka@oiwa.jp>
OpenPGP: id[440546B5] fp[7C9F 723A 7559 3246 229D  3139 8677 9BD2 4405 46B5]


> -----Original Message-----
> From: http-auth [mailto:http-auth-bounces@ietf.org] On Behalf Of Yoav Nir
> Sent: Monday, July 11, 2016 2:54 PM
> To: Julian Reschke <julian.reschke@gmx.de>
> Cc: httpauth mailing list <http-auth@ietf.org>
> Subject: Re: [http-auth] RFC5987bis, was: WGLC on the MutualAuth drafts
> 
> 
> > On 9 Jul 2016, at 1:34 PM, Julian Reschke <julian.reschke@gmx.de> wrote:
> >
> > On 2016-06-18 11:59, Julian Reschke wrote:
> >> ...
> >> 4.  Authentication-Control header
> >>
> >>    Authentication-Control = 1#Auth-Control-Entry
> >>    Auth-Control-Entry     = auth-scheme 1*SP 1#auth-control-param
> >>    auth-control-param     = extensive-token BWS "=" BWS token
> >>                           / extensive-token "*" BWS "=" BWS ext-value
> >>    ext-value              = <see RFC 5987, Section 3.2>
> >>
> >>      Figure 4: the BNF syntax for the Authentication-Control header
> >>
> >> FYI: I'm in the process of revising RFC 5987, and that ABNF
> >> production is going to be removed. Seems we need to coordinate here.
> >> ...
> >
> > Sorry for causing confusion.
> >
> > Since I wrote this I went back to RFC 5987bis, and it turns out that the ABNF
> production I intended to kill is *ext-parameter*, not *ext-value*.
> >
> > See change in
> <https://tools.ietf.org/rfcdiff?url2=draft-ietf-httpbis-rfc5987bis-02.txt#
> part-4> (just submitted).
> 
> OK, and comparing RFC 5987 and rfc5987bis I see that the definition of ext-value
> is the same.
> 
> So does that mean we’re good to go on these drafts?
> 
> Yoav
> 
> _______________________________________________
> http-auth mailing list
> http-auth@ietf.org
> https://www.ietf.org/mailman/listinfo/http-auth