Re: [http-auth] [Mutual] (due Aug 28) Mutual auth issues (part 1)

Alexey Melnikov <alexey.melnikov@isode.com> Sat, 22 August 2015 09:21 UTC

Date: Sat, 22 Aug 2015 10:25:15 +0100
To: Yutaka OIWA <y.oiwa@aist.go.jp>
Archived-At: <http://mailarchive.ietf.org/arch/msg/http-auth/Ts0WtHfYeyzlZPw27l3FDC6sLas>
Cc: Mutual auth contact <mutual-auth-contact-ml@aist.go.jp>, "http-auth@ietf.org" <http-auth@ietf.org>

Hi,

> On 13 Aug 2015, at 03:17, Yutaka OIWA <y.oiwa@aist.go.jp> wrote:
> 
> ==== draft-ietf-httpauth-mutual ====
> 
> = Section 3.1 =
> 
> [P1] Is adoption of RFC5987 OK?
> https://github.com/yoiwa/httpauth-mutual/issues/1

Yes, this sounds sensible.
> 
> [P2] The encoding is fixed to UTF-8, without any language.
>     (justification: it is not an on-line negotiable parameter,
>      and the new protocol does not need to consider older
>      clients.)
> https://github.com/yoiwa/httpauth-mutual/issues/2

I agree this is the right approach.

> = Section 4: Messages =
> 
> [P3] Are the reserved parameter names making sense?
> https://github.com/yoiwa/httpauth-mutual/issues/3

This question is a bit harder to answer. Overall I think they make sense.
"auth-domain" might be named better as "auth-scope", but I don't have a strong preference, especially if you already have a deployed implementation of the draft.

Best Regards,
Alexey

> Thank you for your cooperation.
> 
> -- 
> Yutaka OIWA, Ph.D.               Cyber Physical Architecture Research Group
>                                  Information Technology Research Institute
>    National Institute of Advanced Industrial Science and Technology (AIST)
>                      Mail addresses: <y.oiwa@aist.go.jp>, <yutaka@oiwa.jp>
> OpenPGP: id[440546B5] fp[7C9F 723A 7559 3246 229D  3139 8677 9BD2 4405 46B5]
> 