Re: IETF HTTPBIS I-D submission - please review draft-sandowicz-httpbis-httpa2
Mark Nottingham <mnot@mnot.net> Tue, 18 October 2022 22:55 UTC
Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 76D4FC1524C4 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 18 Oct 2022 15:55:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.059
X-Spam-Level:
X-Spam-Status: No, score=-5.059 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=mnot.net header.b=ZyzwxaaZ; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=ksaXioT+
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QO96iEME2EXp for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 18 Oct 2022 15:55:33 -0700 (PDT)
Received: from lyra.w3.org (lyra.w3.org [128.30.52.18]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8B719C14CF1B for <httpbisa-archive-bis2Juki@lists.ietf.org>; Tue, 18 Oct 2022 15:55:32 -0700 (PDT)
Received: from lists by lyra.w3.org with local (Exim 4.94.2) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1okvRk-001uqq-UN for ietf-http-wg-dist@listhub.w3.org; Tue, 18 Oct 2022 22:52:28 +0000
Resent-Date: Tue, 18 Oct 2022 22:52:28 +0000
Resent-Message-Id: <E1okvRk-001uqq-UN@lyra.w3.org>
Received: from titan.w3.org ([128.30.52.76]) by lyra.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from <mnot@mnot.net>) id 1okvRj-001upY-0d for ietf-http-wg@listhub.w3.org; Tue, 18 Oct 2022 22:52:27 +0000
Received: from wout1-smtp.messagingengine.com ([64.147.123.24]) by titan.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from <mnot@mnot.net>) id 1okvRg-00FIOa-LW for ietf-http-wg@w3.org; Tue, 18 Oct 2022 22:52:26 +0000
Received: from compute2.internal (compute2.nyi.internal [10.202.2.46]) by mailout.west.internal (Postfix) with ESMTP id 1A8A6320034E; Tue, 18 Oct 2022 18:52:11 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162]) by compute2.internal (MEProxy); Tue, 18 Oct 2022 18:52:11 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mnot.net; h=cc :cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to; s=fm1; t=1666133530; x= 1666219930; bh=6IaD1MMMyhsgVYAoSVm/8fMMFx9g8jF18IABwNz1xII=; b=Z yzwxaaZFr0cbYGvKFJejo0kJHBZAPVZnSxdZ5bC489sjuBgPwXF+j502eD2l8e6Q BgV9SHmofHaB0RVM7Ou3IF3eVkvH7XHwmvI6ai0lbVpzMPUAmYNVLx4eo4d8AW/E xbZftbewaWYG0sflFalm7eFS2xlfAp1bjpOkBuZwF99iuAbNohgSszwGQHDhlCrq MPj7g7J0iacPF4iUaI+u6JL8A+dSK16Wm9D6pVSevkq8zbHYBKDOnrz0HC7mM/hU omA4DeETRc5X26c6BJ9G0eaxi1QhWawald7qVtDx/nLwyWIMTU5jNNbepLzsaca9 nLXhGhT0+4Saw3uyYS9Lg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1666133530; x= 1666219930; bh=6IaD1MMMyhsgVYAoSVm/8fMMFx9g8jF18IABwNz1xII=; b=k saXioT+ucd8lhzbFng94jr4mmVJ9lQOn2kRpPYhR9gsUeZYtJQA5bbkZFMEHLB1Z Got7VJZ1CkONp4NTooYiQC3phfbDvlWxKYsIBgE335/hoNgX3EF2RnyZjDDGNrwL 0Ku5oeGT+XoGX9CuLU04H0QRnOplBuo6hsONCWMO/vBbxfqhsofHeP8oK260TTjt LR79F/u8guWkSphyPGjOT9XouQsPyuwMlp2sIs3s5VCWKNEZUrOeu7D/cG3vpLMS Q4uCrL71lRTw2pqHfsQLw4LEr7CMP/tkOCCaEkgxJyD0LyERCThZbkjaw1QXqd6p fn9IwarAzmuAHFpN6/wog==
X-ME-Sender: <xms:Gi5PY0No8_DUhtH74K9Am6V2yL3lZIG_szqK_L2QRAyPUTT_2Qav6g> <xme:Gi5PY6-yCccN_8n4DHtB9ePd-sEHFKiVXpRYSYqPoa7HqPshGs1WrU1R8m087Uxlq NdsUtzMNlj9N-JGKA>
X-ME-Received: <xmr:Gi5PY7SmXugqP5xXlwMPAKTeu3FlxxHQE7w20WoGwtia-GH9xBzzwD1iDkxxl13zEJ7Sb9WwEfDeAWAXC4dl4ORBVjxj2PzBFJRlRXYOoShmtImyDvdBnsjv>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrfeelfedgudehucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurheptggguffhjgffvefgkfhfvffosehtqhhmtdhhtdejnecuhfhrohhmpeforghr khcupfhothhtihhnghhhrghmuceomhhnohhtsehmnhhothdrnhgvtheqnecuggftrfgrth htvghrnhepveevvdffhfeiveeugfeiledutdehffdvkeehiefgvddvtdeigfekteffhfeg iedvnecuffhomhgrihhnpehhthhtphdqrhgvlhgrthgvugdrohhnvgdphhhtthhpohhrfh horhgrnhgvfiifghhtohgsvghfohhrmhgvughorhhfohhrnhhorggtthhiohhnrdhinhen ucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehmnhhoth esmhhnohhtrdhnvght
X-ME-Proxy: <xmx:Gi5PY8se5gQIZjArFs8DZ2FNxJiR5aZtlZbfyNbIgh2oJyJsGOhZqw> <xmx:Gi5PY8dCDX-kwxaKgvQcXDsWVnSGTkFNuUvUekP2HTyxfyviwp4PlA> <xmx:Gi5PYw3V_qSuc4iN_SROiSdAOwX-TNZs3xpsiyf050HnGtDy5LKguA> <xmx:Gi5PY07vtU6mFZZvEL6QQwJP_BC8ID8d_wMXoeAbAH-bi2gKRVTwZQ>
Feedback-ID: ie6694242:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue, 18 Oct 2022 18:52:08 -0400 (EDT)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.1\))
From: Mark Nottingham <mnot@mnot.net>
In-Reply-To: <SJ0PR11MB508691A7509410126D2D1721FF289@SJ0PR11MB5086.namprd11.prod.outlook.com>
Date: Wed, 19 Oct 2022 09:52:03 +1100
Cc: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>, "francesca.palombini@ericsson.com" <francesca.palombini@ericsson.com>, "tpauly@apple.com" <tpauly@apple.com>, "Murray S. Kucherawy" <superuser@gmail.com>
Content-Transfer-Encoding: quoted-printable
Message-Id: <41C874A5-B6E3-40AA-95DD-4044938D7E2A@mnot.net>
References: <SJ0PR11MB50860B6C41B4AD7439E03CCDFF229@SJ0PR11MB5086.namprd11.prod.outlook.com> <2D1C5FC2-B904-4E5C-A9FE-ED91EFE9EDB2@mnot.net> <SJ0PR11MB508683F38E26D37FDCEF35F6FF259@SJ0PR11MB5086.namprd11.prod.outlook.com> <SJ0PR11MB508691A7509410126D2D1721FF289@SJ0PR11MB5086.namprd11.prod.outlook.com>
To: "Sandowicz, Krzysztof" <krzysztof.sandowicz@intel.com>
X-Mailer: Apple Mail (2.3696.120.41.1.1)
Received-SPF: pass client-ip=64.147.123.24; envelope-from=mnot@mnot.net; helo=wout1-smtp.messagingengine.com
X-W3C-Hub-DKIM-Status: validation passed: (address=mnot@mnot.net domain=mnot.net), signature is good
X-W3C-Hub-DKIM-Status: validation passed: (address=mnot@mnot.net domain=messagingengine.com), signature is good
X-W3C-Hub-Spam-Status: No, score=-7.1
X-W3C-Hub-Spam-Report: BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_DB=-1, W3C_IRA=-1, W3C_IRR=-3, W3C_WL=-1
X-W3C-Scan-Sig: titan.w3.org 1okvRg-00FIOa-LW 1b3d48a950847df3b7f65e9e067a8784
X-Original-To: ietf-http-wg@w3.org
Subject: Re: IETF HTTPBIS I-D submission - please review draft-sandowicz-httpbis-httpa2
Archived-At: <https://www.w3.org/mid/41C874A5-B6E3-40AA-95DD-4044938D7E2A@mnot.net>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/40466
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
Hello Krzysztof, I can see your draft on the data tracker now. For the HTTP WG to adopt a draft, we need to see that there's both interest in implementing it and consensus to adopt it. The best way to do that is to circulate the draft on the mailing list (which you've now done) -- if there's interest, people will express it there. We also need to assure that it's in-scope for the group; sometimes, it's better to take work into a separate group, even though it's HTTP-related. One way to do that is to take it to the DISPATCH and/or SECDISPATCH Working Group, so that the broader community can have a discussion about what an appropriate path forward is. Note that this is not a simple 'reject/approve' decision -- building consensus to do work usually takes considerable time and effort. If work starts (either in an existing group or a new one), the document will at *most* be a starting point for work, and there will need to be consensus demonstrated on its contents and all their details. Importantly, change control for the document (if adopted as a starting point for work) will transfer from the authors to the IETF. That means that as authors, you will have no greater rights to determine what it contains than anyone else in the process. As I said before, my recommendation would be to take this document to DISPATCH and/or SECDISPATCH, to present it to the broader community. This is not a review process; it's presenting your draft for discussion and a recommendation as to a path forward. That recommendation might be to send it for consideration by an existing WG (like HTTP), or for a new WG to be formed, or for no action. In the latter case, you're welcome to continue working on the draft to try to address feedback you receive. Hope this helps, > On 19 Oct 2022, at 2:25 am, Sandowicz, Krzysztof <krzysztof.sandowicz@intel.com> wrote: > > Hi, > Please let me know what is the next step in IETF process regarding Internet-Draft (draft-sandowicz-httpbis-httpa2) submitted by me? > Please confirm that you can find my draft on the datatracker? > > I assumed that submitted draft is decided to be either rejected or approved by any WG and then its name is changed > from > draft-(author)-(group)-(subject)-(version) (i.e. draft-sandowicz-httpbis-httpa2-00) > into > draft-(source)-(group)-(subject)-(version) (i.e. draft-ietf-httpbis-httpa2-00) > > and then I should expect feedback from WG which adopt/approve the submission. > > Regards, > Krzysztof > > -----Original Message----- > From: Sandowicz, Krzysztof > Sent: Thursday, October 13, 2022 12:25 PM > To: Mark Nottingham <mnot@mnot.net> > Cc: francesca.palombini@ericsson.com; tpauly@apple.com; Murray S. Kucherawy <superuser@gmail.com> > Subject: RE: IETF HTTPBIS I-D submission - please review draft-sandowicz-httpbis-httpa2 > > Mark, > Thank you for quick response. > I didn't receive any email to confirm posting before. > I could find it on: https://datatracker.ietf.org/submit/status/ using our I-D name: draft-sandowicz-httpbis-httpa2 I just updated submitter information in our submission on datatracker.ietf.org, so submission status has chaned to 'Posted'. Please try again. > > Yes, we prepared HTTPA/2 which is newer version of our https://arxiv.org/abs/2110.07954 > > I thought that it is internal IETF decision which WG would review I-D. That's why I submitted it to HTTPBIS, but I will also send email to DISPATCH and SECDISPATCH WG. > Thank you for feedback about a name 'HTTPA'. I let authors to change it in newer version. > > Regards, > Krzysztof > > -----Original Message----- > From: Mark Nottingham <mnot@mnot.net> > Sent: Thursday, October 13, 2022 1:38 AM > To: Sandowicz, Krzysztof <krzysztof.sandowicz@intel.com> > Cc: francesca.palombini@ericsson.com; tpauly@apple.com; Murray S. Kucherawy <superuser@gmail.com> > Subject: Re: IETF HTTPBIS I-D submission - please review draft-sandowicz-httpbis-httpa2 > > [ CCing in Murray as AD, since Francesca is on leave ] > > Hello Krzysztof, > > I can't find your draft on the datatracker -- did you follow the link in the email you received to confirm posting? > > Assuming that your proposal is along the lines of this paper: <https://arxiv.org/abs/2110.07954>, there are a few things to consider. > > The HTTP Working Group is definitely the body who would assure that the proposed extension uses HTTP in an appropriate manner. > > Sometimes, extensions like this are standardised directly by the HTTP Working Group, because they are sufficiently generic that they're likely to be broadly applicable -- for example, the in-process Signatures draft <https://httpwg.org/http-extensions/draft-ietf-httpbis-message-signatures.html>. > > In other cases, there's a specific community focused on the applicable use cases, and the work is carried out in a separate Working Group that liaises with the HTTP Working Group. For example, the MASQUE Working Group <https://ietf-wg-masque.github.io> is defining extensions to HTTP for very specific uses. > > There are a number of factors that go into determining which approach is appropriate, but before that it's necessary to determine whether the IETF believes the work should commence. So, I'd recommend taking your work to one or both of the DISPATCH and SECDISPATCH Working Groups, who are set up to answer these questions (in the ART and SEC areas, respectively). See: > https://datatracker.ietf.org/wg/dispatch/about/ > https://datatracker.ietf.org/wg/secdispatch/about/ > > Specifically, I think your next step is to send an e-mail to one or both of those mailing lists asking for time at IETF115. If you ask for time at both, it's polite to tell them that. > > Separately, you should know that there's likely to be a strong negative reaction to a name like "HTTPA." There's a widely-held belief that giving HTTPS a separate name to denote a security property was a mistake that we would undo if we could. Calling this something like "Attestation Extensions for HTTP" is likely to get a better reaction. > > Cheers, > > >> On 12 Oct 2022, at 8:24 pm, Sandowicz, Krzysztof <krzysztof.sandowicz@intel.com> wrote: >> >> Hi, >> In the name of group of people working on an extension to HTTP protocol with attestation called: “The Hypertext Transfer Protocol Attestable (HTTPA)” I submitted our Internet-Draft to IETF. >> Please find it on: https://datatracker.ietf.org/submit/status/ using >> our I-D name: draft-sandowicz-httpbis-httpa2 >> >> I receive information from IETF support that I should ask you (HTTPBIS WG) to ask for review of the document in order to progress it to getting adopted by a working group. >> Please let me know what do you need from me to proceed with IETF process to publish RFC. >> >> Regards, >> Krzysztof Sandowicz >> >> ====================================================================== >> ======= Cloud Software Architect, Intel Product Assurance & Security / >> Security Software and Services Direct (Poland): +48 (58) 766 1619, >> iNET: 8-348-1619 >> ====================================================================== >> ======= >> >> >> Intel Technology Poland sp. z o.o. >> ul. Słowackiego 173 | 80-298 Gdańsk | Sąd Rejonowy Gdańsk Północ | VII Wydział Gospodarczy Krajowego Rejestru Sądowego - KRS 101882 | NIP 957-07-52-316 | Kapitał zakładowy 200.000 PLN. >> Spółka oświadcza, że posiada status dużego przedsiębiorcy w rozumieniu ustawy z dnia 8 marca 2013 r. o przeciwdziałaniu nadmiernym opóźnieniom w transakcjach handlowych. >> >> Ta wiadomość wraz z załącznikami jest przeznaczona dla określonego adresata i może zawierać informacje poufne. W razie przypadkowego otrzymania tej wiadomości, prosimy o powiadomienie nadawcy oraz trwałe jej usunięcie; jakiekolwiek przeglądanie lub rozpowszechnianie jest zabronione. >> This e-mail and any attachments may contain confidential material for the sole use of the intended recipient(s). If you are not the intended recipient, please contact the sender and delete all copies; any review or distribution by others is strictly prohibited. >> > > -- > Mark Nottingham https://www.mnot.net/ > > --------------------------------------------------------------------- > Intel Technology Poland sp. z o.o. > ul. Slowackiego 173 | 80-298 Gdansk | Sad Rejonowy Gdansk Polnoc | VII Wydzial Gospodarczy Krajowego Rejestru Sadowego - KRS 101882 | NIP 957-07-52-316 | Kapital zakladowy 200.000 PLN. > Spolka oswiadcza, ze posiada status duzego przedsiebiorcy w rozumieniu ustawy z dnia 8 marca 2013 r. o przeciwdzialaniu nadmiernym opoznieniom w transakcjach handlowych. > > Ta wiadomosc wraz z zalacznikami jest przeznaczona dla okreslonego adresata i moze zawierac informacje poufne. W razie przypadkowego otrzymania tej wiadomosci, prosimy o powiadomienie nadawcy oraz trwale jej usuniecie; jakiekolwiek przegladanie lub rozpowszechnianie jest zabronione. > This e-mail and any attachments may contain confidential material for the sole use of the intended recipient(s). If you are not the intended recipient, please contact the sender and delete all copies; any review or distribution by others is strictly prohibited. -- Mark Nottingham https://www.mnot.net/
- Re: IETF HTTPBIS I-D submission - please review d… Mark Nottingham
- Re: IETF HTTPBIS I-D submission - please review d… Martin Thomson