Re: #148: Reasonable Assurances and H2C

Mark Nottingham <mnot@mnot.net> Fri, 26 February 2016 21:19 UTC

> On 27 Feb 2016, at 1:37 AM, Barry Leiba <barryleiba@computer.org> wrote:
> 
>>>>  For the purposes of this document, "reasonable assurances" can be
>>>>  established through use of a TLS-based protocol with the certificate
>>>>  checks defined in [RFC2818].  Other means of establishing them MUST
>>>>  be documented in an RFC that updates this specification.  Clients MAY
>>>>  impose additional criteria for establishing reasonable assurances.
>>> 
>>> As far as I understand, this is a hook for draft-ietf-httpbis-http2-encryption-03,
>>> which is currently labeled "experimental". It is my understanding that
>>> experimental RFCs will have a hard time "updating" a standards-track
>>> RFC, though...
>> 
>> Barry, any insights here?
> 
> Yeh, why is "that updates this document" there?  Why do readers of
> this document have to know about means that are provided in other
> documents, such that "updates" is needed?

We wanted to assure that any other way to establish reasonable assurances had sufficient vetting, and that someone reading this spec could find all the different ways to establish reasonable assurances.

Any additional insights (hopefully in non-question form)?

Cheers (and thanks),




--
Mark Nottingham   https://www.mnot.net/