Re: SETTINGS_MIXED_SCHEME_PERMITTED | Re: I-D Action: draft-ietf-httpbis-http2-encryption-07.txt

Patrick McManus <mcmanus@ducksong.com> Fri, 07 October 2016 07:50 UTC

From: Patrick McManus <mcmanus@ducksong.com>
Date: Fri, 7 Oct 2016 09:45:46 +0200
Message-ID: <CAOdDvNrr5Y2X14vVZjrs8uJw1pE74qP83=cniA24UpUdc855hA@mail.gmail.com>
To: Mike Bishop <Michael.Bishop@microsoft.com>
Cc: Martin Thomson <martin.thomson@gmail.com>, Kari Hurtta <hurtta-ietf@elmme-mailer.org>, Patrick McManus <mcmanus@ducksong.com>, HTTP working group mailing list <ietf-http-wg@w3.org>
Archived-At: <http://www.w3.org/mid/CAOdDvNrr5Y2X14vVZjrs8uJw1pE74qP83=cniA24UpUdc855hA@mail.gmail.com>

On Thu, Oct 6, 2016 at 8:12 PM, Mike Bishop <Michael.Bishop@microsoft.com> wrote:

> If we want to *validate* that the server is handling scheme properly, then
> we need to have different content at http:// and https:// and check that
> we get the right one over the right scheme.


I don't think that proof is necessary for something like .wk where the
resource has such an explicit meaning. The meaning of the .wk is that http
over tls is OK, it doesn't mean the server MUST treat the resources
differently (just an assurance that not doing so isn't a semantic problem
for their content).

Like Mike, I've tried to make the argument that this step isn't really
required, but I've grown weary of the pushback, and the cost of doing so has
proven reasonable to me (I've implemented the JSON thing), so at this point
I would rather go ahead with some kind of check.

I think either the 200 or the json are acceptable here - let's decide.