Re: [http-auth] Alexey Melnikov's No Objection on draft-ietf-httpauth-extension-08: (with COMMENT)

大岩寛 <> Mon, 05 September 2016 08:24 UTC

From: 大岩寛 <>
To: Alexey Melnikov <>
Date: Mon, 05 Sep 2016 08:24:07 +0000

Dear Alexey,

Thank you for the suggestion.
The "no requirement" phrase seems to be a very good solution.

From: Alexey Melnikov <>
Sent: 3 September 2016 18:55:30
To: 大岩寛
CC: The IESG;; Yoav Nir;;
Subject: Re: Alexey Melnikov's No Objection on draft-ietf-httpauth-extension-08: (with COMMENT)


On 3 Sep 2016, at 05:05, 大岩寛 <> wrote:

>> In Section 3, last paragraph:
>>   Support of this header is OPTIONAL; clients MAY also implement this
>>   extension only for some selected authentication schemes.  New
>>   authentication schemes can make support of the optional
>>   authentication mandatory by its specification, though.
>> I don't think this paragraph is needed, as this is granted, because support
>> for any extension like specified in this document is optional. So I suggest
>> deleting it.
> Of course, an Experimental thing is always optional, as a starting point.
> But if we have two or more OPTIONALs, we need to clarify whether these are
> "one-by-one" or "all-or-nothing".
> What we wanted to assure here is that
> - Its optional support may vary between schemes.
>   For example, an implementation MAY choose to support it in Digest but not in Basic.
>   Also, an implementation MAY choose only to support "username" and not "logout-timeout".
>   In this point, it's "one-by-one" OPTIONAL.

In this case I suggest that you either remove the first optional or rephrase this to say that there is no requirement to support this for all supported authentication schemes.

> - We have another "experimental" draft which normatively refers to this draft and
>   requires implementation of this extension.
>   It's a kind of "all-or-nothing" (more precisely, "A implies B").
>   It does not contradict the "experimental status" of this draft.
> These need a little more clarification than just saying "OPTIONAL" or "Experimental".
> If you have some solution to resolve it nicely, it's really appreciated.