ANN: drafts discussing Secure Content Delegation (aka "blind caches")

Julian Reschke <julian.reschke@gmx.de> Wed, 30 March 2016 19:50 UTC

To: HTTP Working Group <ietf-http-wg@w3.org>

Hi there!

In the past months, Martin, Göran, Salvatore, Christer, Zahed and myself 
have been working on a set of drafts about "Secure Content Delegation" 
-- in Martin's words:

"An architecture is described for content distribution via third-party 
content distribution networks with reduced privileges. This architecture 
allows an origin server to delegate the responsibility for delivery of 
the payload of an HTTP response to a third party. That party is unable 
to modify this content. The content is encrypted, which in some cases 
will prevent the third party from learning about the content."

The ideas behind this have been discussed since spring 2015; most of the 
time using the term "blind caches".

We have two new drafts out:

     https://tools.ietf.org/html/draft-thomson-http-scd-00 - "An Architecture for Secure Content Delegation using HTTP"

and

     https://tools.ietf.org/html/draft-thomson-http-bc-00 - "Caching Secure HTTP Content using Blind Caches"

and we'll use the github repo at 
<https://github.com/EricssonResearch/Blind-Cache-Drafts> to work on them.

The drafts build on lower level machinery defined in

1) https://tools.ietf.org/html/draft-reschke-http-oob-encoding-04 
(<https://github.com/reschke/oobencoding>)

2) https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-01 
(<https://github.com/httpwg/http-extensions>)

3) https://tools.ietf.org/html/draft-thomson-http-mice-00 
(<https://github.com/martinthomson/http-mice>)

4) https://tools.ietf.org/html/draft-thomson-http-content-signature-00 
(<https://github.com/martinthomson/content-signature>)

We'll be attending the IETF meeting in Buenos Aires and would love to 
get feedback on this; if there's sufficient interest we may be able to 
steal a few minutes to present in the HTTP WG meetings...

Note: to better understand the problem space and develop the mechanism, 
a prototype has been built using browser service workers to deliver DASH 
streaming video as well as other resource types. This is also used to 
gather performance insights.

Best regards, Julian & Göran
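
The delegation model in the quoted abstract, as an added example (not part of the original message, and not code from the drafts or the prototype). It assumes AES-128-GCM and a SHA-256 digest carried in a reference the client obtains from the origin; the names originPublish and clientFetch and the Map-based cache are hypothetical, and the drafts' actual encodings are not reproduced.

```javascript
// Added illustration; simplified, not the wire format of the drafts.
const { createCipheriv, createDecipheriv, createHash, randomBytes } = require("node:crypto");

const sha256 = (buf) => createHash("sha256").update(buf).digest("hex");

// Origin: encrypt the payload, hand only ciphertext to the third party,
// and keep key, nonce and digest for the reference sent to the client.
function originPublish(cache, path, payload) {
  const key = randomBytes(16), nonce = randomBytes(12);
  const cipher = createCipheriv("aes-128-gcm", key, nonce);
  const body = Buffer.concat([cipher.update(payload), cipher.final(), cipher.getAuthTag()]);
  cache.set(path, body);                      // the cache never sees the key
  return { path, key, nonce, digest: sha256(body) };
}

// Client: fetch from the cache, then check integrity before decrypting.
function clientFetch(cache, ref) {
  const body = cache.get(ref.path);
  if (!body || sha256(body) !== ref.digest) throw new Error("integrity check failed");
  const tag = body.subarray(body.length - 16); // 16-byte GCM tag appended by the origin
  const decipher = createDecipheriv("aes-128-gcm", ref.key, ref.nonce);
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(body.subarray(0, body.length - 16)), decipher.final()]);
}

function demo() {
  const cache = new Map();                    // stands in for the third-party cache
  const payload = Buffer.from("constructed sample segment: video-chunk-0001");
  const ref = originPublish(cache, "/blob/1", payload);
  const ok = clientFetch(cache, ref).equals(payload);
  const cacheSeesPlaintext = cache.get("/blob/1").includes(payload);
  // A cache that alters one byte is caught by the client.
  const tampered = Buffer.from(cache.get("/blob/1"));
  tampered[0] ^= 1;
  cache.set("/blob/1", tampered);
  let tamperDetected = false;
  try { clientFetch(cache, ref); } catch { tamperDetected = true; }
  return { ok, cacheSeesPlaintext, tamperDetected };
}
console.log(demo());
```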