RE: Origin-signed responses
Lucas Pardue <Lucas.Pardue@bbc.co.uk> Fri, 01 September 2017 17:07 UTC
Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8F637132F42 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Fri, 1 Sep 2017 10:07:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5
X-Spam-Level:
X-Spam-Status: No, score=-5 tagged_above=-999 required=5 tests=[HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ira8rvGzxMGn for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Fri, 1 Sep 2017 10:07:05 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3BBD0134213 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Fri, 1 Sep 2017 10:07:05 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.89) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1dnpMz-0007wK-Bc for ietf-http-wg-dist@listhub.w3.org; Fri, 01 Sep 2017 17:04:37 +0000
Resent-Date: Fri, 01 Sep 2017 17:04:37 +0000
Resent-Message-Id: <E1dnpMz-0007wK-Bc@frink.w3.org>
Received: from mimas.w3.org ([128.30.52.79]) by frink.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from <Lucas.Pardue@bbc.co.uk>) id 1dnpMp-0007vT-Mq for ietf-http-wg@listhub.w3.org; Fri, 01 Sep 2017 17:04:27 +0000
Received: from mailout1.telhc.bbc.co.uk ([132.185.161.180]) by mimas.w3.org with esmtps (TLS1.2:DHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from <Lucas.Pardue@bbc.co.uk>) id 1dnpMn-0006bc-IQ for ietf-http-wg@w3.org; Fri, 01 Sep 2017 17:04:27 +0000
Received: from BGB01XI1005.national.core.bbc.co.uk ([10.184.50.55]) by mailout1.telhc.bbc.co.uk (8.15.2/8.15.2) with ESMTP id v81H43Gm023576; Fri, 1 Sep 2017 18:04:03 +0100 (BST)
Received: from BGB01XUD1012.national.core.bbc.co.uk ([10.161.14.10]) by BGB01XI1005.national.core.bbc.co.uk ([10.184.50.55]) with mapi id 14.03.0319.002; Fri, 1 Sep 2017 18:04:03 +0100
From: Lucas Pardue <Lucas.Pardue@bbc.co.uk>
To: Jeffrey Yasskin <jyasskin@google.com>, HTTP Working Group <ietf-http-wg@w3.org>
Thread-Topic: Origin-signed responses
Thread-Index: AQHTI0D1bNGPyvEj4E2jhCq3mpGgO6KgPnPB
Date: Fri, 01 Sep 2017 17:04:02 +0000
Message-ID: <7CF7F94CB496BF4FAB1676F375F9666A37766651@bgb01xud1012>
References: <CANh-dXkbqBpGUrr-dXceQ5HzDjC6mSrrudTKjWwaBQcSO584ug@mail.gmail.com>
In-Reply-To: <CANh-dXkbqBpGUrr-dXceQ5HzDjC6mSrrudTKjWwaBQcSO584ug@mail.gmail.com>
Accept-Language: en-GB, en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [172.19.161.212]
x-exclaimer-md-config: 1cd3ac1c-62e5-43f2-8404-6b688271c769
x-tm-as-product-ver: SMEX-11.0.0.4255-8.100.1062-23282.006
x-tm-as-result: No--20.434100-0.000000-31
x-tm-as-user-approved-sender: Yes
x-tm-as-user-blocked-sender: No
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Received-SPF: pass client-ip=132.185.161.180; envelope-from=Lucas.Pardue@bbc.co.uk; helo=mailout1.telhc.bbc.co.uk
X-W3C-Hub-Spam-Status: No, score=-3.8
X-W3C-Hub-Spam-Report: AWL=-0.068, BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, W3C_NW=0.5
X-W3C-Scan-Sig: mimas.w3.org 1dnpMn-0006bc-IQ c8a7264eaa69b66e39846fb0a29d674c
X-Original-To: ietf-http-wg@w3.org
Subject: RE: Origin-signed responses
Archived-At: <http://www.w3.org/mid/7CF7F94CB496BF4FAB1676F375F9666A37766651@bgb01xud1012>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/34424
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
Hi Jeffrey, I spotted this yesterday and found it an interesting read, so thanks for starting a discussion. Your draft references draft-cavage-http-signatures, which we have been using on a project to add some authenticity to HTTP/2 pushed content. I'm still processing your draft but can see how it might complement our approach or help satisfy the higher goal. Meanwhile, web packaging is beyond the scope of my needs. Therefore I support the split because it's provides a more compelling document to consider, in my particular use case. Kind regards Lucas ________________________________________ From: Jeffrey Yasskin [jyasskin@google.com] Sent: 01 September 2017 17:35 To: HTTP Working Group Subject: Origin-signed responses Hi all, When I brought web packaging to IETF99 DISPATCH (https://datatracker.ietf.org/doc/minutes-99-dispatch/), several people said they wanted to see what it would look like split into layers. https://tools.ietf.org/id/draft-yasskin-http-origin-signed-responses-00.html discusses use cases and an outline of what the signing layer needs to look like, but doesn't include an actual proposal for signatures yet. What do you think? Is splitting the packaging proposal still the right approach? I've also started a thread in art@ to talk about the packaging use cases overall: https://mailarchive.ietf.org/arch/msg/art/gaS8EHxsdzcyPCaSqSyWSh-WbMY Thanks, Jeffrey ----------------------------- http://www.bbc.co.uk This e-mail (and any attachments) is confidential and may contain personal views which are not the views of the BBC unless specifically stated. If you have received it in error, please delete it from your system. Do not use, copy or disclose the information in any way nor act in reliance on it and notify the sender immediately. Please note that the BBC monitors e-mails sent or received. Further communication will signify your consent to this. -----------------------------
- Origin-signed responses Jeffrey Yasskin
- RE: Origin-signed responses Lucas Pardue
- Re: Origin-signed responses Jeffrey Yasskin
- RE: Origin-signed responses Lucas Pardue
- Re: Origin-signed responses Ilari Liusvaara
- Re: Origin-signed responses Jeffrey Yasskin
- Re: Origin-signed responses Jeffrey Yasskin
- Re: Origin-signed responses Ilari Liusvaara
- RE: Origin-signed responses Lucas Pardue
- Re: Origin-signed responses Jeffrey Yasskin
- Re: Origin-signed responses Jeffrey Yasskin
- Re: Origin-signed responses Ilari Liusvaara