IETF Logo Mail Archive

Re: Working Group Last Call: The Concealed HTTP Authentication Scheme

Dennis Jackson <ietf@dennis-jackson.uk> Wed, 12 June 2024 11:42 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=ietf.org@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DF009C151091 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 12 Jun 2024 04:42:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.858
X-Spam-Level:
X-Spam-Status: No, score=-7.858 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=w3.org header.b="iJ+6/PWK"; dkim=pass (2048-bit key) header.d=w3.org header.b="on4SgO2L"; dkim=pass (2048-bit key) header.d=dennis-jackson.uk header.b="dEzIwrW5"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id haKYApgF-7UY for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 12 Jun 2024 04:41:57 -0700 (PDT)
Received: from mab.w3.org (mab.w3.org [IPv6:2600:1f18:7d7a:2700:d091:4b25:8566:8113]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 36E89C14F5EC for <httpbisa-archive-bis2Juki@ietf.org>; Wed, 12 Jun 2024 04:41:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=w3.org; s=s1; h=Subject:Content-Type:In-Reply-To:References:Cc:To:From:MIME-Version: Date:Message-ID:Reply-To; bh=XfW+eAZAdaMdG/sVZuq8QnaoLiZbNd0rDSroJCf0BzA=; b= iJ+6/PWKzq14vm/SyOe8KEMCBZvAfXto1rAvABxEBlCaBSVR1BokrN0FRqPta3OGvSMdVFsAPRR+8 CQc6eSRdZ0q4ZT3JdOqMPYaoelZ48AooJuBrXkUYVScUWjA3mC8n4B31unMjk5YYu3yrGO2FeRrzo ahsX98xuUDiRT2qSx86oSaVNAaN3+cww4/jTydczkhZNu4HI+hdIPyBfyx0y5+0OBGQFmHcx+1dQ5 LMc99Bgz+By2/d9chahsPWZ+KTq7dGu9+rf7TfGWwR06vn7BuOxhfWlIktz4RG2samAjyBDLj6cPM NddE8iaqr1yqniXbGs/D8p49zaQdD/Z/Ng==;
Received: from lists by mab.w3.org with local (Exim 4.96) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1sHMLZ-00GQgr-20 for ietf-http-wg-dist@listhub.w3.org; Wed, 12 Jun 2024 11:40:57 +0000
Resent-Date: Wed, 12 Jun 2024 11:40:57 +0000
Resent-Message-Id: <E1sHMLZ-00GQgr-20@mab.w3.org>
Received: from ip-10-0-0-144.ec2.internal ([10.0.0.144] helo=pan.w3.org) by mab.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from <ietf@dennis-jackson.uk>) id 1sHMLX-00GQfr-34 for ietf-http-wg@listhub.w3.internal; Wed, 12 Jun 2024 11:40:55 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=w3.org; s=s1; h=Content-Type:In-Reply-To:References:Cc:To:Subject:From:MIME-Version: Date:Message-ID:Reply-To; bh=XfW+eAZAdaMdG/sVZuq8QnaoLiZbNd0rDSroJCf0BzA=; t=1718192455; x=1719056455; b=on4SgO2LH11QHZ4ywgUZ7XKG8XjqGfvfgyJkG7ELb+WkXHW Vkde/3UHnCHWSQPHNxj7+FubJqZH23fAiQj8Z2SRq+iBCMw3WNf3t49vlZGb7iz22nerpxtSksgGX /ZLRiewfXdG074ovVX37QcF33sdOeYzXb23TADN5PQ2z+T6nFRUrhA36r/pKl808rerCFpyBPKwoU 4+iGfkNwuMlsTxQgbkwfZqt6vFgbs3NI5AWs7gCuMxP1iAB/AHXGT2d+OhKjyZbNkpybvuCR4Rly5 RIDMkYXA1ZRcBP4OmWDlUWTem586jxNF9qAUqolXTOVZkEq7DHL0dN5XiOS13iBw==;
Received-SPF: pass (pan.w3.org: domain of dennis-jackson.uk designates 2001:67c:2050:0:465::103 as permitted sender) client-ip=2001:67c:2050:0:465::103; envelope-from=ietf@dennis-jackson.uk; helo=mout-p-103.mailbox.org;
Received: from mout-p-103.mailbox.org ([2001:67c:2050:0:465::103]) by pan.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from <ietf@dennis-jackson.uk>) id 1sHMLX-00EBa5-0B for ietf-http-wg@w3.org; Wed, 12 Jun 2024 11:40:55 +0000
Received: from smtp202.mailbox.org (smtp202.mailbox.org [10.196.197.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mout-p-103.mailbox.org (Postfix) with ESMTPS id 4VzkBR2rwjz9sky; Wed, 12 Jun 2024 13:40:47 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dennis-jackson.uk; s=MBO0001; t=1718192447; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=XfW+eAZAdaMdG/sVZuq8QnaoLiZbNd0rDSroJCf0BzA=; b=dEzIwrW5A/EyyVwdjJpNh4aJCMne5daSTvgwWzgbAhrGyh58J7LftwfG+eEAYgb6e46MMV +zjzFNcPMcm/iMxv9FY4+Lfe1STFUyZgLkfpUWlNlsLHr2JZRP6GLH7M/ZQ+/O9BYId60d /+xHiaW9rh+LQZIBp8CTaR5bKVUgSjTsKkKKlv4pxgU4xXpFn7jZmgRy+mq4VNQEj+O3dm MiIOOUyqOjNLZNmKU/jpnPLBvD9HfpnxWuA2oxI6uijXW44lWZFSInmARSNgXAK4xbJcwX 5ZwDWo4bi5m2H00kUOUN6+PLRdDZjCDmQfUyTQwk3Z29iJWp4Q2mivYic6n1Hg==
Message-ID: <99063502-e68c-4bcb-9ecb-1bcbeec952b3@dennis-jackson.uk>
Date: Wed, 12 Jun 2024 12:40:45 +0100
MIME-Version: 1.0
From: Dennis Jackson <ietf@dennis-jackson.uk>
To: Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
Cc: Tommy Pauly <tpauly@apple.com>, Jonathan Hoyland <jonathan.hoyland@gmail.com>
References: <4270C5C8-23AA-456C-8AB4-A8B23E83224C@mnot.net>
Content-Language: en-US
In-Reply-To: <4270C5C8-23AA-456C-8AB4-A8B23E83224C@mnot.net>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
X-W3C-Hub-DKIM-Status: validation passed: (address=ietf@dennis-jackson.uk domain=dennis-jackson.uk), signature is good
X-W3C-Hub-Spam-Status: No, score=-4.1
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, DMARC_PASS=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, W3C_AA=-1, W3C_WL=-1
X-W3C-Scan-Sig: pan.w3.org 1sHMLX-00EBa5-0B 979a39861f45b9fcc3f197be5ece0dcc
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Working Group Last Call: The Concealed HTTP Authentication Scheme
Archived-At: <https://www.w3.org/mid/99063502-e68c-4bcb-9ecb-1bcbeec952b3@dennis-jackson.uk>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/51994
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/email/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

I have reviewed the document and don't have any issues or objections.

I believe Jonathan was working to formally verify the design? Has that 
process arrived at an outcome or been paused? If there's a concrete 
outcome, it might be nice to point to it in the document as an 
informative reference.

Best,
Dennis

On 11/06/2024 20:55, Mark Nottingham wrote:
> Working Group participants,
>
> This e-mail announces Working Group Last Call for revision 07 of the 
> following document:
> https://datatracker.ietf.org/doc/draft-ietf-httpbis-unprompted-auth/
>
> There are no outstanding issues in GitHub, and the editors indicate 
> that they believe it is ready.
>
> Please review the document and raise any issues you find (preferably 
> on GitHub, but also acceptable on-list) and indicate whether you 
> support publication (or object to it) in response to this message.
>
> Working Group Last Call will end on 27 June 2024.
>
> Cheers,
>
> --
> Mark Nottingham https://www.mnot.net/
>
>

v2.37.1 | Report a Bug | By Email | System Status