IETF Logo Mail Archive

Accept Signature Parameter Semantics

Justin Richer <jricher@mit.edu> Wed, 01 February 2023 14:47 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 89B50C169528 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 1 Feb 2023 06:47:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.751
X-Spam-Level:
X-Spam-Status: No, score=-7.751 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mit.edu
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HfjSeCzxI11S for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 1 Feb 2023 06:46:57 -0800 (PST)
Received: from lyra.w3.org (lyra.w3.org [128.30.52.18]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8FF12C151719 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Wed, 1 Feb 2023 06:46:56 -0800 (PST)
Received: from lists by lyra.w3.org with local (Exim 4.94.2) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1pNENo-000c3S-Kw for ietf-http-wg-dist@listhub.w3.org; Wed, 01 Feb 2023 14:46:44 +0000
Resent-Date: Wed, 01 Feb 2023 14:46:44 +0000
Resent-Message-Id: <E1pNENo-000c3S-Kw@lyra.w3.org>
Received: from titan.w3.org ([128.30.52.76]) by lyra.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from <jricher@mit.edu>) id 1pNENm-000c2A-6D for ietf-http-wg@listhub.w3.org; Wed, 01 Feb 2023 14:46:42 +0000
Received: from outgoing-exchange-7.mit.edu ([18.9.28.58]) by titan.w3.org with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from <jricher@mit.edu>) id 1pNENi-008aLt-Q3 for ietf-http-wg@w3.org; Wed, 01 Feb 2023 14:46:41 +0000
Received: from oc11exedge2.exchange.mit.edu (OC11EXEDGE2.EXCHANGE.MIT.EDU [18.9.3.18]) by outgoing-exchange-7.mit.edu (8.14.7/8.12.4) with ESMTP id 311EkG7c021261 for <ietf-http-wg@w3.org>; Wed, 1 Feb 2023 09:46:29 -0500
Received: from oc11expo11.exchange.mit.edu (18.9.4.16) by oc11exedge2.exchange.mit.edu (18.9.3.18) with Microsoft SMTP Server (TLS) id 15.0.1497.45; Wed, 1 Feb 2023 09:44:33 -0500
Received: from oc11exhyb6.exchange.mit.edu (18.9.1.111) by oc11expo11.exchange.mit.edu (18.9.4.16) with Microsoft SMTP Server (TLS) id 15.0.1497.42; Wed, 1 Feb 2023 09:46:05 -0500
Received: from NAM11-BN8-obe.outbound.protection.outlook.com (104.47.58.169) by oc11exhyb6.exchange.mit.edu (18.9.1.111) with Microsoft SMTP Server (TLS) id 15.0.1497.42 via Frontend Transport; Wed, 1 Feb 2023 09:46:05 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=MxHvQYJspbKmDoY8oLTfn8iREB8AG5wJN+3xmy7tVPd2mluJJdi0fnH2U/cImtTGKi/gX5XvobcbKWjSSFtY6HA5wXHwxQ/8MZM5L8yNLFpBin9BtMPrG0XicRl/qZuCCbN7FAJEkdMpuueNsXoPPx0au9UmDUqBuXqPj/3+A7cU4cCOMus3kh3VIosiWAiFv9E8OcGdzf0P95w0PZ18IvQur2gh/35y/qJyHI/p1WfJ7npcJH8PETyEnC9dJVtPFBljQGUKqJJa2TBfjPP71uujPI7XaA3AzvgmrDDLePvMj50u6oZpMOa7NhpzLVAixXgjXJES/qv4jYxYQ4QpRg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=PE1jQes6n8H44OvgF1C1Ft4VY7FYSiS9zdZT90WaZ3g=; b=MVIFjrQdNg86R0wjA3/RlSRJ4ukO31Sd3OonnxUh/2LIWLa3HSlXqsbaTPIPfEn6R3aZofLLVypfwrkQqexPq9cYCDKRm1B5BqQv9AvnZKroFfwzSSfwE4WcpX/l6LXQyaYrrsOef9Eg8cXjFTzLkY+AqJeAd8jbjLVSQxzR2W0LwXbKe2GSNQ2CKa0PIlAZt68Ll11mJSvziN+xiwZx+lhaEOLCRtdyfPpgko+podqyrMrWVbLtkClh5Vn4LsaAz2QQ/rffj57ZUNk5x17sr9kDgxlWZiuSKwB21VGK8ZEdhrX1/8M91wAFSYUsh0NO4Mvaz8s09ZTh5OlnsEh6OQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=mit.edu; dmarc=pass action=none header.from=mit.edu; dkim=pass header.d=mit.edu; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mit.edu; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=PE1jQes6n8H44OvgF1C1Ft4VY7FYSiS9zdZT90WaZ3g=; b=D8R4IUbYCeYUSTa9sT+LcuDPxz1IBEWuAkYXxifzxat+AI65dx92k3WYdaEFp9Y1+ASkdlHvQ16VsIwPxHfiz/gWf0Xuz6BvALvujkT/xxTzAfKg/8I+NQ3kmwdAkdhR3HTuQP3Bn+mG//EIXWQyYpS1m+tgSMc+w9W/qvW4XL8=
Received: from DM6PR01MB4444.prod.exchangelabs.com (2603:10b6:5:78::15) by BYAPR01MB5592.prod.exchangelabs.com (2603:10b6:a03:118::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6064.25; Wed, 1 Feb 2023 14:46:03 +0000
Received: from DM6PR01MB4444.prod.exchangelabs.com ([fe80::a9b:b1f2:da45:501f]) by DM6PR01MB4444.prod.exchangelabs.com ([fe80::a9b:b1f2:da45:501f%7]) with mapi id 15.20.6043.036; Wed, 1 Feb 2023 14:46:03 +0000
From: Justin Richer <jricher@mit.edu>
To: HTTP Working Group <ietf-http-wg@w3.org>
Thread-Topic: Accept Signature Parameter Semantics
Thread-Index: AQHZNkvosZGtU53dUk68yopoyjyuuQ==
Date: Wed, 01 Feb 2023 14:46:03 +0000
Message-ID: <E428146F-79D7-4118-A10E-46E587C63A27@mit.edu>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=mit.edu;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: DM6PR01MB4444:EE_|BYAPR01MB5592:EE_
x-ms-office365-filtering-correlation-id: 15c1213e-9233-4cfb-e8cc-08db04630aff
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: OU6CCmMGKpDlCHBiMpuU0iU87wobYQ0Nzp06NSJINigSHazxJx9ukFFjKtzE+6VfFKIjr0KWEOw1m6mmb/ZDzvRFhd6uVjbZAb0OGFXZ9ODOyjvM9GPFxzM+GMI5Iwtizq1LLok0RpY+RxJ1gci7rms8eF6vKooSucUg1jPNUMXX6+We8j4Jz+uPDKhUfLRGU3A2+/cMjj8ZZ0R5VAVr5Y0Zt+tbohJ04ygYVvrSi/yn8wA05b2eosaWtP/BwmUugTcFhyfpYDWfrZqxk4/VAv78+ZbCa8klYUjUCSkJSt9KYDUFVG/snq4WQzmKIrGfVLr7JXQsulYAaObipJd399abP3ZQdjLIsWmn382/za+Mqxb+k3aNjNVO3kgbukX5odbDIctfOMZf/EKTRmbxJBFZJB02dIDG3Wp4cKnga9LkjyfslNCMQ+6B2DKqhpjRb4pOY51bJWkDmuqUUgxUPSECYYfVmB7Hw/gfZXv8cJVkSxw/5xbe85q+EQJSL17bhEUJsoBLiqVOiXjLlCw1WVBYio03DlDrpKyoV5md3eF6gKU3tesEH9PZWG+PiodCaVcKveLE4FZwxDvvFUpCYN3fGFm7PjWfIHTWKKdYiEXItRwkhrfwUZrRQPykWYB8dmAlOsk9FpO2RZd1NrfvdKGAlQu/ifqQ1UjE0zY+cfXtKkirmFpbOF8nNzqdOxzY/72M/h+CLm8uH+zIJRzUQyTqzwxEUUsBJm6ykzZHCQg=
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM6PR01MB4444.prod.exchangelabs.com;PTR:;CAT:NONE;SFS:(13230025)(4636009)(136003)(376002)(346002)(39860400002)(366004)(396003)(451199018)(38070700005)(122000001)(186003)(6512007)(26005)(2616005)(33656002)(75432002)(6506007)(38100700002)(6916009)(8936002)(71200400001)(41300700001)(316002)(786003)(66556008)(66476007)(66446008)(64756008)(8676002)(91956017)(76116006)(66946007)(2906002)(478600001)(6486002)(966005)(86362001)(4744005)(5660300002)(36756003)(3480700007);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: nrfCSgy3xZ2Xv6zp/EhweblTWn0dP+vJ5Xb/g4BjNFQMmQIMBeWZ8K159EfH+OYtmGX6m0rytsSOPgtSfLHbbF3DwpO3ur7SsZ/crM6yklNb0RMgGn981ptAzaPp5AOWGXWstWIHHrNQA31AGKCwE5UgOfJ2IyTZfgbIiLLonHLpOoDYCwrdpm+eTHO9CLPqcFBIqjZ0rVbzqCHkEkzEQXcj7ppyXeGKd8Ja2Bki/mtfezdEiKQ2r5a+E1EuYTTdiCuc/JTmnNBhpPh+p+DfT5n7FjKN8tIP0WsKRByQAyrmtomnlYkEHOZUTNccu0j4dvKkN0wJvu19qX34fohW+pDGuIVi7LuqWs1tZtAhN1F5bS/ivJtFgk6u/WQBqL9j0yYCVxl9kAsfbN1vW/ENKPgf+rsIpyRLbXXGHqvsNr8DjqxlvMtFZ0AGS8gRm0MU8MuNRQ4hVkZe96xR2NRUDJ56/miePfIq+LPMaqzCRKM5kDuVwMDhCCYSsCZVPE/DKSWE9ajaGslnQSqVAxkltc3NOqCMLtW3nYcg1oI6/vppINdoFZlgC1mZY9ttghWl/0K5zFIck2zdARzmMOmqbniyVmEZLfHfql+Uz8Zvj8KHhSzvZYgn980ZsEvt/+BFNtGQhCub6mTGaVjPPB+ntyidSpW5MiZn4Pavjr4U5BYhPyi7pnaKyhxdcn/zSwb+2N0KaYsUbv4VZ5PWo9agUoEv7pC6ZjJupXdBXaqonB0BSrZMPwJZw+FgvX8jDyHbEbgX13INB79P7DLCyFSM6TZNuRXmhRDZe9jeFN8dtVyYB9rmSf8r/rMlim0XRmM99ARFfkV4OWm/6mx44Thm8gxQjP4kFoilRueICfZovfBzu+zd7fyMvjSPKyi8mlCc6j9mhgb9xzUa6NAm6o4DVaSASuczKBQCO8qeXAGBJ6eM9QSAsBri2lP4SnUVj1oBBMdfT66OWhXkLbhM0omZZbmsjDTLRGIKlF19VAw5iRHP0zGRlOv6oB7/ahVzyt9fmWQVdSuUr2QUeF1Ku8ANjJizWj64FSH3ET+p5PndJHqQ5w0KzG14YKYegZPo3cwLMsJI/ttIRVNr9RekvE4p3Civ0WmVCWSNicIaAagfN99azAdOJ2i9q3/CaxTtyLorMJun6K2DJ6ogRacueInlqhhaXfPAX7SwKikeJ+ZOFWNS8lL0S+7AnWFP9sg1dHbu/L0K7TJarKwibmG30SdXgbnzH6YcdbYkQ/XI/5nbG9nSujXd/6sT1qchD1jDmFkUrUHRUEIbBskHviQBrYQA/z+W66mUr0ixZLi2iov3WBN+qUfuEZI2FrlYg10EXyY2j452J1boW8H/MGQkeDHM//2JtkphnWkIEJQK9QuIx6Bq7QGIbsb/wFiW9zkKrpGaKSjyrmB8waKpREwI2dSeSI9/Cacdd2m9XCO5n1wa507lznu9igHAHw4+VDAPl7x8rpsH0LT+Kp0LFvvVuDZj7F9+ZxAHu0KwDLzpoHUxe2tJ/xhlkx9jnjthL4yHEw7oIVoEMDJHS2lypZiXfkjWHcnaGTDKRoxWbAH1eqBxoqMPO1eNPuYAWnAoMt/D9f8b
Content-Type: text/plain; charset="utf-8"
Content-ID: <29EBCE26E9505A41B6A70C7BC51F9E07@prod.exchangelabs.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DM6PR01MB4444.prod.exchangelabs.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 15c1213e-9233-4cfb-e8cc-08db04630aff
X-MS-Exchange-CrossTenant-originalarrivaltime: 01 Feb 2023 14:46:03.5717 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: nojOQEY3saQhhFyPOkxpP9LFZSm7t0PEz8Ky42EFvNq3OzsPFsu+QPfzlMNMNN+C
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR01MB5592
X-OriginatorOrg: mit.edu
X-W3C-Hub-DKIM-Status: validation passed: (address=jricher@mit.edu domain=mit.edu), signature is good
X-W3C-Hub-Spam-Status: No, score=-7.4
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_IRA=-1, W3C_WL=-1
X-W3C-Scan-Sig: titan.w3.org 1pNENi-008aLt-Q3 b6fd015f1562e9cd8c67ce11c73b8026
X-Original-To: ietf-http-wg@w3.org
Subject: Accept Signature Parameter Semantics
Archived-At: <https://www.w3.org/mid/E428146F-79D7-4118-A10E-46E587C63A27@mit.edu>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/50666
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

I’d like a bit more input from the WG about this proposed change in semantics surrounding the parameters in Accept-Signature, from the AD review. The PR is here and has some comments on it:

https://github.com/httpwg/http-extensions/pull/2377/

Previously, sending things like “created” was prohibited, but Francesca made a reasonable point that sending these parameters could be a signal to the signer about what’s wanted in the response. The new text explicitly lays out what each parameter means when it is applied in this context. This dovetails with new text in a separate PR that gives instructions to the DE’s about requiring a parameter be defined in each context.

This does not change the core processing of the field — you still have to sign the list it’s given, and use the given label, if you’re going to respond to it. Response to any accept-signature header is still optional.

 — Justin

v2.38.3 | Report a Bug | By Email | System Status