Weekly github digest (HTTP Activity Summary)
Repository Activity Summary Bot <do_not_reply@mnot.net> Sun, 26 February 2023 07:39 UTC
Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B5956C151557 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sat, 25 Feb 2023 23:39:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.447
X-Spam-Level:
X-Spam-Status: No, score=-2.447 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (2048-bit key) reason="fail (message has been altered)" header.d=mnot.net header.b="dcqfua/P"; dkim=fail (2048-bit key) reason="fail (message has been altered)" header.d=messagingengine.com header.b="kfxVKYDs"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dQnwzf61ZOj5 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sat, 25 Feb 2023 23:39:31 -0800 (PST)
Received: from lyra.w3.org (lyra.w3.org [128.30.52.18]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0154EC151719 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Sat, 25 Feb 2023 23:39:30 -0800 (PST)
Received: from lists by lyra.w3.org with local (Exim 4.94.2) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1pWBaT-00EYEu-IB for ietf-http-wg-dist@listhub.w3.org; Sun, 26 Feb 2023 07:36:49 +0000
Resent-Date: Sun, 26 Feb 2023 07:36:49 +0000
Resent-Message-Id: <E1pWBaT-00EYEu-IB@lyra.w3.org>
Received: from mimas.w3.org ([128.30.52.79]) by lyra.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from <do_not_reply@mnot.net>) id 1pWBaO-00EYE1-H1 for ietf-http-wg@listhub.w3.org; Sun, 26 Feb 2023 07:36:45 +0000
Received: from wout4-smtp.messagingengine.com ([64.147.123.20]) by mimas.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from <do_not_reply@mnot.net>) id 1pWBaM-00DdiD-Lq for ietf-http-wg@w3.org; Sun, 26 Feb 2023 07:36:44 +0000
Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.west.internal (Postfix) with ESMTP id ABAC73200754 for <ietf-http-wg@w3.org>; Sun, 26 Feb 2023 02:36:28 -0500 (EST)
Received: from mailfrontend1 ([10.202.2.162]) by compute5.internal (MEProxy); Sun, 26 Feb 2023 02:36:28 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mnot.net; h=cc :content-type:date:from:from:in-reply-to:mime-version:reply-to :sender:subject:subject:to:to; s=fm2; t=1677396988; x= 1677483388; bh=6mmHD5zRG1NjMlKXz5+iTCTLnjP7ZhrGFHuE9hT5rJo=; b=d cqfua/PRV8RQDJD8XOy/cYhlACYcx6x8wsrH0YKvASVXbHJ9LvB97o991EixjEJ7 swrcx1DAnuuPjI0/05eYJPVy4uIQJw7vNDcWvY+4hKbvOUjZxruuNxxL4RD/V7MS xJ+T6rMFPZZ1jprPuYbf2YuQeZRE6mG6F8iJhXqALm8wEmEKLHZQ+tEKCt0GgZzB V5Bse7OAGGywCTQBBmkwsUX/XstR7+4sAZGIgw4c1mDU2TDvr87l1KUJ44xKo+q/ eyG+3L33BLr5yYNrtZltDdA8zAgI5csTWxVc9Qj19GQpmXAV8dJfstPK8zR+20oZ zqzC3GZnNryZGZCjb9zBg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:feedback-id :feedback-id:from:from:in-reply-to:mime-version:reply-to:sender :subject:subject:to:to:x-me-proxy:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm1; t=1677396988; x=1677483388; bh=6 mmHD5zRG1NjMlKXz5+iTCTLnjP7ZhrGFHuE9hT5rJo=; b=kfxVKYDsMSv9vLGZu oQJTISEmb0lQ4fgGN2pXexegPKUhVkPeAjTWPha5+NoK7w8hBJq2i1ZkiWaO7tnk sIPVvYP1SsH1jLLJ8hW/+Hma3bEDrCJ67qDPK+LRxyv7jUu4twPUz1tstHRw7jrH 6WvQTGUxEA4kDpvoeykFp8cJgB+dSDlhB3iZKH/on5COruwmUS95aZRhDmHIbhoV fzQgQ0KylyiSRS4N2KVY5KTTRODaMlEgcGl0uYGQ2pHnAdggesNcX5wzvlx+gdU5 WhYIsgQsGTFcraaUqgN2Jp67ywaBbak5wcods74uZ7vU1AnfPAfvMmv4OTchKWpk IwBdA==
X-ME-Sender: <xms:_Av7YzouiJQ5SYnEN-lKPXyHQ4QaOCiRVsxe17qASs4arHChYWkcrg> <xme:_Av7Y9rm8cj8QhBH9zD6j_hl8JRCKeMhGwdQjuBWhzeNXY22IgL6IAJ_7a3u2dnAl xQEXHbRsUaGKI1WXA>
X-ME-Received: <xmr:_Av7YwN_v7hj_lYNTGKIPiOvDCx7t2tetiTtAHGTjzdN_IjjZspz1KVGP-pUrTFzySJhOjB8ebMe2s-Gjn1xpAfhPUlnZ2fd2t5CNlqlAJKZdXbiHNM_DbHVHILBOv--9Ws>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedrudekjedguddtgecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecupfhoucgurghtvgcufhhivghlugculdegledmne cujfgurheptggghffvufesrgdttdertddtjeenucfhrhhomheptfgvphhoshhithhorhih ucettghtihhvihhthicuufhumhhmrghrhicuuehothcuoeguohgpnhhothgprhgvphhlhi esmhhnohhtrdhnvghtqeenucggtffrrghtthgvrhhnpeekfedvudetjedvfeekheeiveeu gfefhfetteevgeffkefffeetffdvleehudeiteenucffohhmrghinhepghhithhhuhgsrd gtohhmnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhep ughopghnohhtpghrvghplhihsehmnhhothdrnhgvth
X-ME-Proxy: <xmx:_Av7Y24yTauLzBP6iqOlcdQx5uGN5SQ4Ypv-MM2xb9CjB3aR-BRGlw> <xmx:_Av7Yy4R2Wg8364M4h9JOqtsQ3VJETYDz_w9-rtkZfo0zgJ9TUE3JQ> <xmx:_Av7Y-hAKuVe17oyTh3AUkUGuQZBbT9nkl4-p_dCUX9umfAXOgzGxA> <xmx:_Av7Y_Va1lg6eR_TpeHcHRkTZXC9ekNEthKybs9EdlituIwgsMueqQ>
Feedback-ID: i1c3946f2:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA for <ietf-http-wg@w3.org>; Sun, 26 Feb 2023 02:36:27 -0500 (EST)
Content-Type: multipart/alternative; boundary="===============3561919881530102007=="
MIME-Version: 1.0
From: Repository Activity Summary Bot <do_not_reply@mnot.net>
To: ietf-http-wg@w3.org
Received-SPF: pass client-ip=64.147.123.20; envelope-from=do_not_reply@mnot.net; helo=wout4-smtp.messagingengine.com
X-W3C-Hub-DKIM-Status: validation passed: (address=do_not_reply@mnot.net domain=mnot.net), signature is good
X-W3C-Hub-DKIM-Status: validation passed: (address=do_not_reply@mnot.net domain=messagingengine.com), signature is good
Message-ID: <E1pWBaM-00DdiD-Lq@mimas.w3.org>
X-W3C-Hub-Spam-Status: No, score=-2.9
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, MISSING_DATE=1.36, MISSING_MID=0.497, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_WL=-1
X-W3C-Scan-Sig: mimas.w3.org 1pWBaM-00DdiD-Lq 73d68f7290066fbe55b543ec1e434621
Date: Sun, 26 Feb 2023 07:36:45 +0000
X-Original-To: ietf-http-wg@w3.org
Subject: Weekly github digest (HTTP Activity Summary)
Archived-At: <https://www.w3.org/mid/E1pWBaM-00DdiD-Lq@mimas.w3.org>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/50752
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
Events without label "editorial"
Issues
------
* httpwg/http-extensions (+29/-3/💬43)
29 issues created:
- initial editorial comments (by m4mb01t4l14n0)
https://github.com/httpwg/http-extensions/issues/2446
- signature identifiers (by martinthomson)
https://github.com/httpwg/http-extensions/issues/2445
- Fix name (by DavidSchinazi)
https://github.com/httpwg/http-extensions/issues/2444
- Double-check security of reusing the signature key multiple times in one connection (by DavidSchinazi)
https://github.com/httpwg/http-extensions/issues/2443
- Support for DTLS? (by m4mb01t4l14n0)
https://github.com/httpwg/http-extensions/issues/2442
- Require TLS 1.3 or TLS 1.2 with Extended Master Secret (by DavidSchinazi)
https://github.com/httpwg/http-extensions/issues/2441
- Signature hash algorithm is ambiguous (by DavidSchinazi)
https://github.com/httpwg/http-extensions/issues/2440
- Consider contextualizing signatures (by DavidSchinazi)
https://github.com/httpwg/http-extensions/issues/2439
- Discuss security properties of keys (by DavidSchinazi)
https://github.com/httpwg/http-extensions/issues/2438
- Describe server handling (by DavidSchinazi)
https://github.com/httpwg/http-extensions/issues/2437
- SF: Make the signature the primary value (by martinthomson)
https://github.com/httpwg/http-extensions/issues/2436
- feedback from IETF115 (by m4mb01t4l14n0)
https://github.com/httpwg/http-extensions/issues/2435
- Comments on the updated draft (by m4mb01t4l14n0)
https://github.com/httpwg/http-extensions/issues/2434
- Intermediaries: suggest having the intermediary send the nonce as an alternative to validation (by DavidSchinazi)
https://github.com/httpwg/http-extensions/issues/2433
- New header field vs WWW-Authenticate (by chris-wood)
https://github.com/httpwg/http-extensions/issues/2432
- Consider renaming "u" to "k" (by chris-wood)
https://github.com/httpwg/http-extensions/issues/2431
- Signature optional (by chris-wood)
https://github.com/httpwg/http-extensions/issues/2430
- Per-authenticator context labels (by chris-wood)
https://github.com/httpwg/http-extensions/issues/2429
- Consider refining scope to the origin (by chris-wood)
https://github.com/httpwg/http-extensions/issues/2428
- Explain use cases (by chris-wood)
https://github.com/httpwg/http-extensions/issues/2427
- Make sure u= is not a tracking vector (by DavidSchinazi)
https://github.com/httpwg/http-extensions/issues/2426
- message-signatures: HTTP Signature Algorithms names (by reschke)
https://github.com/httpwg/http-extensions/issues/2421 [signatures]
- empty next-hop-aliases? (by LPardue)
https://github.com/httpwg/http-extensions/issues/2420 [alias-proxy-status]
- Support SM2/SM3 algorithms (by SunFulong)
https://github.com/httpwg/http-extensions/issues/2419
- message-signatures: format of signature base (by reschke)
https://github.com/httpwg/http-extensions/issues/2417 [signatures]
- message-signatures: ASCII restriction in field-value to byte sequence (by reschke)
https://github.com/httpwg/http-extensions/issues/2415 [signatures]
- message-signatures: requirements on sf dictionary parsing (by reschke)
https://github.com/httpwg/http-extensions/issues/2413
- message-signatures: obs-fold (by reschke)
https://github.com/httpwg/http-extensions/issues/2411 [signatures]
- message-signatures: addition of leading or trailing whitespace to a field value (by reschke)
https://github.com/httpwg/http-extensions/issues/2410 [signatures]
15 issues received 43 new comments:
- #2432 New header field vs WWW-Authenticate (1 by tfpauly)
https://github.com/httpwg/http-extensions/issues/2432 [unprompted-auth]
- #2421 message-signatures: HTTP Signature Algorithms names (6 by jricher, reschke)
https://github.com/httpwg/http-extensions/issues/2421 [signatures]
- #2419 Support SM2/SM3 algorithms (3 by SunFulong, martinthomson)
https://github.com/httpwg/http-extensions/issues/2419
- #2417 message-signatures: format of signature base (3 by jricher, reschke)
https://github.com/httpwg/http-extensions/issues/2417 [signatures]
- #2415 message-signatures: ASCII restriction in field-value to byte sequence (2 by jricher, reschke)
https://github.com/httpwg/http-extensions/issues/2415 [signatures]
- #2413 message-signatures: requirements on sf dictionary parsing (3 by jricher, reschke)
https://github.com/httpwg/http-extensions/issues/2413 [signatures]
- #2411 message-signatures: obs-fold (1 by jricher)
https://github.com/httpwg/http-extensions/issues/2411 [signatures]
- #2410 message-signatures: addition of leading or trailing whitespace to a field value (8 by jricher, martinthomson, mnot, reschke)
https://github.com/httpwg/http-extensions/issues/2410 [signatures]
- #2389 Can 2 algorithms have the same preference? (2 by ioggstream, reschke)
https://github.com/httpwg/http-extensions/issues/2389 [digest-headers]
- #2388 Newlines at the end of JSON bodies (8 by LPardue, reschke)
https://github.com/httpwg/http-extensions/issues/2388 [digest-headers]
- #2387 Base-64 encoding bodies is unfortunate (1 by c799878)
https://github.com/httpwg/http-extensions/issues/2387 [digest-headers]
- #2386 Inconsistent paths in appendix examples (1 by LPardue)
https://github.com/httpwg/http-extensions/issues/2386 [digest-headers]
- #2385 No examples of encoding output any of the 6 "insecure" algorithms (1 by LPardue)
https://github.com/httpwg/http-extensions/issues/2385 [digest-headers]
- #2293 Retry-able upload creations using Idempotency-Key (1 by awwright)
https://github.com/httpwg/http-extensions/issues/2293 [resumable-upload]
- #1673 Alt-Svc and multi-CDN (2 by LPardue, sc0ttbeardsley)
https://github.com/httpwg/http-extensions/issues/1673 [alt-svc]
3 issues closed:
- Base-64 encoding bodies is unfortunate https://github.com/httpwg/http-extensions/issues/2387 [digest-headers]
- Long line in Repr-Digest example https://github.com/httpwg/http-extensions/issues/2226 [digest-headers]
- Inconsistent paths in appendix examples https://github.com/httpwg/http-extensions/issues/2386 [digest-headers]
Pull requests
-------------
* httpwg/http-extensions (+9/-5/💬7)
9 pull requests submitted:
- Apply AD suggests WRT to Hash Algorithm registry (by LPardue)
https://github.com/httpwg/http-extensions/pull/2448
- Clarify that hashing bytes are base-64 encoded and give examples (by LPardue)
https://github.com/httpwg/http-extensions/pull/2447
- client-cert: genart review updates (by b---c)
https://github.com/httpwg/http-extensions/pull/2425 [client-cert-field]
- Add draft-ietf-httpbis-unprompted-auth (by DavidSchinazi)
https://github.com/httpwg/http-extensions/pull/2424
- use hex-encoding for brotli examples (by LPardue)
https://github.com/httpwg/http-extensions/pull/2423
- Fix: #2384. Non-deterministic content coding beyond encryption. (by ioggstream)
https://github.com/httpwg/http-extensions/pull/2422
- Address nits from OPS review (by jricher)
https://github.com/httpwg/http-extensions/pull/2418
- message-signatures: remove duplicate "the" (by reschke)
https://github.com/httpwg/http-extensions/pull/2414
- message-signatures: fix typo (by reschke)
https://github.com/httpwg/http-extensions/pull/2412
4 pull requests received 7 new comments:
- #2447 Clarify that hashing bytes are base-64 encoded and give examples (3 by LPardue, ioggstream)
https://github.com/httpwg/http-extensions/pull/2447
- #2423 use hex-encoding for brotli examples (2 by LPardue, ioggstream)
https://github.com/httpwg/http-extensions/pull/2423
- #2422 Fix: #2384. Non-deterministic content coding beyond encryption. (1 by ioggstream)
https://github.com/httpwg/http-extensions/pull/2422
- #2406 client-cert: AD review feedback (1 by b---c)
https://github.com/httpwg/http-extensions/pull/2406 [client-cert-field]
5 pull requests merged:
- use hex-encoding for brotli examples
https://github.com/httpwg/http-extensions/pull/2423
- Add draft-ietf-httpbis-unprompted-auth
https://github.com/httpwg/http-extensions/pull/2424
- Wrap all cases where repr-digest was 2 characters over
https://github.com/httpwg/http-extensions/pull/2381 [digest-headers]
- client-cert: AD review feedback
https://github.com/httpwg/http-extensions/pull/2406 [client-cert-field]
- Specify algorithm selection is from a known subset
https://github.com/httpwg/http-extensions/pull/2409 [signatures]
Repositories tracked by this digest:
-----------------------------------
* https://github.com/httpwg/http-core
* https://github.com/httpwg/http-extensions
* https://github.com/httpwg/http2-spec
- Weekly github digest (HTTP Activity Summary) Repository Activity Summary Bot