Re: New Version Notification for draft-bdc-something-something-certificate-05.txt

Justin Richer <jricher@mit.edu> Tue, 23 March 2021 20:04 UTC

This is a simple draft, and I think it’s worth publishing. As a developer it’s a pain to deal with each different server implementation’s method of cramming a cert into the header, and in most cases it’s people following recipes from Stack Overflow to get it done. I have no delusions about an RFC fixing that variability overnight, but it would be my hope that servers would adopt the standard version and make it easy to use (easier than copying from Stack Overflow, even).

It’s a small but consistent pain point, something that everyone has to solve in their own weird way. I think we can alleviate that pain.

 — Justin

> On Mar 23, 2021, at 3:27 PM, Brian Campbell <bcampbell@pingidentity.com> wrote:
> 
> After a bit of a hiatus (largely due to some misunderstanding on my part around expectations and next steps), I've updated the 'Client-Cert' header draft.
> 
> The intended status of the draft has been changed to informational in hopes of better conveying the aspirational scope/goal of the document. Which is to describe existing practice and codify a simple variant thereof in order to hopefully nudge implementations towards more consistency and better, simpler out-of-the-box interoperability. 
> 
> 
> ---------- Forwarded message ---------
> From: <internet-drafts@ietf.org>
> Date: Tue, Mar 23, 2021 at 10:21 AM
> Subject: New Version Notification for draft-bdc-something-something-certificate-05.txt
> To: Brian Campbell <bcampbell@pingidentity.com>
> 
> 
> 
> A new version of I-D, draft-bdc-something-something-certificate-05.txt
> has been successfully submitted by Brian Campbell and posted to the
> IETF repository.
> 
> Name:           draft-bdc-something-something-certificate
> Revision:       05
> Title:          Client-Cert HTTP Header: Conveying Client Certificate Information from TLS Terminating Reverse Proxies to Origin Server Applications
> Document date:  2021-03-23
> Group:          Individual Submission
> Pages:          13
> URL:            https://www.ietf.org/archive/id/draft-bdc-something-something-certificate-05.txt
> Status:         https://datatracker.ietf.org/doc/draft-bdc-something-something-certificate/
> Html:           https://www.ietf.org/archive/id/draft-bdc-something-something-certificate-05.html
> Htmlized:       https://tools.ietf.org/html/draft-bdc-something-something-certificate-05
> Diff:           https://www.ietf.org/rfcdiff?url2=draft-bdc-something-something-certificate-05
> 
> Abstract:
>    This document defines the HTTP header field "Client-Cert" that allows
>    a TLS terminating reverse proxy to convey the client certificate of a
>    mutually-authenticated TLS connection to the origin server in a
>    common and predictable manner.
> 
> 
> 
> 
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
> 
> The IETF Secretariat