Benjamin Kaduk's Discuss on draft-ietf-httpbis-expect-ct-07: (with DISCUSS and COMMENT)
Benjamin Kaduk <kaduk@mit.edu> Wed, 12 September 2018 16:46 UTC
Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DFC4D130E94 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 12 Sep 2018 09:46:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.651
X-Spam-Level:
X-Spam-Status: No, score=-2.651 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.25, MAILING_LIST_MULTI=-1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5UB-Nf_oVr2M for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 12 Sep 2018 09:45:58 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [IPv6:2603:400a:ffff:804:801e:34:0:38]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D026E130DF3 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Wed, 12 Sep 2018 09:45:58 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.89) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1g08Fb-0005IL-Pk for ietf-http-wg-dist@listhub.w3.org; Wed, 12 Sep 2018 16:44:23 +0000
Resent-Date: Wed, 12 Sep 2018 16:44:23 +0000
Resent-Message-Id: <E1g08Fb-0005IL-Pk@frink.w3.org>
Received: from uranus.w3.org ([128.30.52.58]) by frink.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from <kaduk@mit.edu>) id 1g08FY-0005Hi-TP for ietf-http-wg@listhub.w3.org; Wed, 12 Sep 2018 16:44:20 +0000
Received: from www-data by uranus.w3.org with local (Exim 4.89) (envelope-from <kaduk@mit.edu>) id 1g08FY-0007Lc-OY for ietf-http-wg@listhub.w3.org; Wed, 12 Sep 2018 16:44:20 +0000
Received: from titan.w3.org ([2603:400a:ffff:804:801e:34:0:4c]) by frink.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from <kaduk@mit.edu>) id 1g083F-0007XW-An for ietf-http-wg@listhub.w3.org; Wed, 12 Sep 2018 16:31:37 +0000
Received: from mail.ietf.org ([2001:1900:3001:11::2c]) by titan.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from <kaduk@mit.edu>) id 1g083C-0000U3-No for ietf-http-wg@w3.org; Wed, 12 Sep 2018 16:31:37 +0000
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 990A2130E69; Wed, 12 Sep 2018 09:31:12 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Benjamin Kaduk <kaduk@mit.edu>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-httpbis-expect-ct@ietf.org, Mark Nottingham <mnot@mnot.net>, httpbis-chairs@ietf.org, mnot@mnot.net, ietf-http-wg@w3.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.83.1
Auto-Submitted: auto-generated
Message-ID: <153676987261.9436.14973131819947411579.idtracker@ietfa.amsl.com>
Date: Wed, 12 Sep 2018 09:31:12 -0700
X-W3C-Hub-Spam-Status: No, score=-12.2
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_SOFTFAIL=0.665, W3C_AA=-1, W3C_IRA=-1, W3C_IRR=-3, W3C_WL=-1
X-W3C-Scan-Sig: titan.w3.org 1g083C-0000U3-No 96870888eebf178c844e2710f1f03e64
X-caa-id: 1e1bc4b45d
X-Original-To: ietf-http-wg@w3.org
Subject: Benjamin Kaduk's Discuss on draft-ietf-httpbis-expect-ct-07: (with DISCUSS and COMMENT)
Archived-At: <https://www.w3.org/mid/153676987261.9436.14973131819947411579.idtracker@ietfa.amsl.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/35907
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
Benjamin Kaduk has entered the following ballot position for draft-ietf-httpbis-expect-ct-07: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-httpbis-expect-ct/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- This should be a trivial discuss to resolve, but affects interoperability so is still balloted as such. In Section 3.1: o "validated-certificate-chain": the value is the certificate chain as constructed by the UA during certificate chain verification. (This may differ from the value of the "served-certificate-chain" key.) The value is provided as an array of strings, which MUST appear in the order matching the chain that the UA validated; each string in the array is the Privacy-Enhanced Mail (PEM) representation of each X.509 certificate as described in [RFC7468]. This needs to say whether the end-entity certificate appears first or last (that is, without assuming what order the UA's chain-validation code uses). I believe we usually say something like "the first certificate in the chain represents the end-entity certificate being verified". ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Some section-by-section comments: Section 1 I should probably defer to the HTTP experts in the room, but I was not sure if it is better to say that we are defining a new "HTTP header field" or a new "HTTP response header field". Section 1.1 RFC 8174 has updated BCP 14 boilerplate text. Section 1.2 The "Certificate Transparency Policy" definition implicitly assumes that SCTs will be served on TLS connections, as opposed to obtained out of band (perhaps via a UA-side cache). This doesn't seem immediately problematic, but perhaps a more generic definition is advisable. Section 2.1 Please also note that the '#' ABNF extension is specified in Section 7 of RFC 7230. Also, since the 'max-age' directive is required, are the semantics actually just "#" or would "1#" be more accurate? 4. UAs MUST ignore any header fields containing directives, or other header field value data, that do not conform to the syntax defined in this specification. In particular, UAs must not attempt to fix malformed header fields. seems like a candidate for RFC2119 "MUST NOT". Section 2.3.2.2 If the substring matching the host production from the Request-URI (of the message to which the host responded) does not congruently match an existing Known Expect-CT Host's domain name, [...] I'm having trouble parsing "production" -- is this a term of art I need to look up? Section 3.1 What's the extension model for the JSON report objects (e.g., if a new "source" value needs to be defined, or a new CT version is published)? Also, for the base64 encoded fields, are trailing '='s stripped (or do we not care)? Section 3.3 It's strange to say that the server MAY discard reports with "test-report" set to true, and then not say at all what the server is supposed to do when "test-report" is false or absent. Section 5 Expect-CT can be used to infer what Certificate Transparency policy is in use, [...] In use by whom; the UA?
- Benjamin Kaduk's Discuss on draft-ietf-httpbis-ex… Benjamin Kaduk
- Re: Benjamin Kaduk's Discuss on draft-ietf-httpbi… Alexey Melnikov
- Re: Benjamin Kaduk's Discuss on draft-ietf-httpbi… Benjamin Kaduk
- Re: Benjamin Kaduk's Discuss on draft-ietf-httpbi… Emily Stark