Re: Call for Adoption: HTTP Unprompted Authentication
Stephen Farrell <stephen.farrell@cs.tcd.ie> Tue, 07 February 2023 12:35 UTC
Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D594DC15152F for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 7 Feb 2023 04:35:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.05
X-Spam-Level:
X-Spam-Status: No, score=-5.05 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25, MAILING_LIST_MULTI=-1, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A2N6rqPDj7jJ for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 7 Feb 2023 04:35:44 -0800 (PST)
Received: from lyra.w3.org (lyra.w3.org [128.30.52.18]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B2245C15171B for <httpbisa-archive-bis2Juki@lists.ietf.org>; Tue, 7 Feb 2023 04:35:44 -0800 (PST)
Received: from lists by lyra.w3.org with local (Exim 4.94.2) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1pPN9S-00BP5L-C6 for ietf-http-wg-dist@listhub.w3.org; Tue, 07 Feb 2023 12:32:46 +0000
Resent-Date: Tue, 07 Feb 2023 12:32:46 +0000
Resent-Message-Id: <E1pPN9S-00BP5L-C6@lyra.w3.org>
Received: from mimas.w3.org ([128.30.52.79]) by lyra.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from <stephen.farrell@cs.tcd.ie>) id 1pPN9P-00BP4O-QE for ietf-http-wg@listhub.w3.org; Tue, 07 Feb 2023 12:32:44 +0000
Received: from mail-vi1eur04on2112.outbound.protection.outlook.com ([40.107.8.112] helo=EUR04-VI1-obe.outbound.protection.outlook.com) by mimas.w3.org with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from <stephen.farrell@cs.tcd.ie>) id 1pPN9K-003yxI-J0 for ietf-http-wg@w3.org; Tue, 07 Feb 2023 12:32:44 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=YLNzdWnPs07vzb/JpEbiSAf/4w4o/90KGVP7YOJFnliVnNWlEzwLvb5qtQ+bDCTY41VZN/0WaoSxDnANM2kECEOdPpVp8TYXGUjD5K/uRaoLHRgGxyrugPIwLzNQ0JrNhwIUQdvVa4yMM5Iv0mxRV6D1+6dpAzNT/lFKCPTCJt5thpydlV63WFK7/JsGpEEEmNMWRHBe+Trrjy35qDHWkYywvsSYQ2njo0wWGgXnLErMobTI2YoSXjcAoIrst9BgY+l1MKSREbzxvssvMSUFDUViSKhO06wqtGXVu4U5gP+dAvVvPrnPKxaHNW5nmdq8+FgRwKIzQcY579X9ggnc2w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=DznJjObMbhKIAb7UyJ/PWQkz3F2t9u4zmAL2VSeVlv4=; b=LJAh/f3EliqmZXeHYJvr6cdXdx/bB8XrFwCC69mcgsLlLVMkmWLyUuK+GvN5Pu3s6iy+oRg6WM8M9thvDitGI0MQzcahpujlUXp01woeU9+KVd2b64zE540Ab73OkIj00VFUQ+0tdAxBoS93nm0QaCy7l1V3rHF+HkoTMvvjGySpwz8VpVsrPlb7jQ+6o3IJj/lcrAmMRfi1dATsguFxKFVDIUW6uq8KScpJuhkLEo9JfWmKBNKFRLrD09P4pVxc8qy0jcciRBktgG3VbI9dC1bDvaMqBQP2bskwfaxpn09NP6CVGWYlwLiMklCorxf4UNlqtplVvkDRjB2zaISzlw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cs.tcd.ie; dmarc=pass action=none header.from=cs.tcd.ie; dkim=pass header.d=cs.tcd.ie; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cs.tcd.ie; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=DznJjObMbhKIAb7UyJ/PWQkz3F2t9u4zmAL2VSeVlv4=; b=kViCiClyQwJ4dHUAf0iVPh2sE1C9MmbHMQ5SlwfeeV25JY2PI36gYhyQ3CrqQa0q3OYFVdHk2UbViKTPOWDOBbSKlBtTYA8hdWHOrR+32JpiJFz66EkGsXzSXB46/nwPif5Ujx896VGcSBDhzjTBbfW6RHu+hp0rQs8WTSWYdm2SHq4iuPjs8ExMN3AXncVHNJg5XsV8zx1T3gJfCSHYR9WioHFGXpPGo69Hnm2MtIgYFgrTF4pdenj2qByN3yDxXy0Jbg+dg37Ni+EMc4N/S8gSsZsVUvZONN5xcQ03wTIlFY8NGFN2fJFqRaWKnVWcxpDtpLVw3VHUWhuBAGG5vQ==
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cs.tcd.ie;
Received: from DB7PR02MB5113.eurprd02.prod.outlook.com (2603:10a6:10:77::15) by AM7PR02MB6323.eurprd02.prod.outlook.com (2603:10a6:20b:1bc::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6064.36; Tue, 7 Feb 2023 12:32:24 +0000
Received: from DB7PR02MB5113.eurprd02.prod.outlook.com ([fe80::47ff:ce7d:4074:b349]) by DB7PR02MB5113.eurprd02.prod.outlook.com ([fe80::47ff:ce7d:4074:b349%7]) with mapi id 15.20.6064.036; Tue, 7 Feb 2023 12:32:24 +0000
Message-ID: <7415fe6a-40c4-139b-af35-eb71f6ba5254@cs.tcd.ie>
Date: Tue, 07 Feb 2023 12:32:22 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.4.2
Content-Language: en-US
To: Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
Cc: Tommy Pauly <tpauly@apple.com>
References: <6532E43F-74FD-46B4-8D28-9DB03452A689@mnot.net>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
In-Reply-To: <6532E43F-74FD-46B4-8D28-9DB03452A689@mnot.net>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="------------5ihWKydnxsvM63RLqwL4uvTH"
X-ClientProxiedBy: DB6P195CA0023.EURP195.PROD.OUTLOOK.COM (2603:10a6:4:cb::33) To DB7PR02MB5113.eurprd02.prod.outlook.com (2603:10a6:10:77::15)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: DB7PR02MB5113:EE_|AM7PR02MB6323:EE_
X-MS-Office365-Filtering-Correlation-Id: 6a543f2f-38b1-4f91-d49e-08db09075d4b
X-MS-Exchange-SharedMailbox-RoutingAgent-Processed: True
X-TCD-Routed-via-EOP: Routed via EOP
X-TCD-ROUTED: Passed-Transport-Routing-Rules
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: LEdxIty2iJT/72ZdDpFhKqiGXDt3c8ymF5L2u+zOP6Fqx/IzS0w6JhvGKXcOphSEkfAlW0N0ej66E0vOMZ/nYy2vrMGw7An3dYFaDLRKM7oPF1DaDTQbYmugUZMocALAtogk1WD6LBhHJKbg1AX6m9yZbpgkjnfYb7vTMlPILT79qXPLvkYiDYtX31+RdUe15EQ8Dl3+Si5HX3sQIrqyz20xDXxGTZEE1v6VdPfvizHOHs0pjNBF31ctx9NLkbQvrtfd6QL9rFg9ABvvlCZc8Y7KoKB0Sahj0rFSGpwVsRhQAwdHVTq5t/MhFBKE8EEe9qMjWkeUaaqKKGd/f8E30E1N5vmDiOtLyLMqKaVNfN+konxjrmA7ZoQbff4GG2IvvsS/iNb3MmChKEWwBGrZl/LkLws8G0pVuu55HK+gOBrcfbh3hLfOIdySYZ9MZb3jCr7z/aVhNUPTUZZYXKn6m75nn3sxaYpxhu5KlmKtqgrqFaOGd9sHPhA1SNuPIh83Bs1NdO8xMy1/Vwc9U8i70jH4UymnfZVu2N6Jzto6PKeV0sX2/MK7hYNPVSui+j0ytc6fx+A68A6S/CoZtTS+djE2XfExH90efrw9fm6db+aqIVK1lAOtfSCgoTzCPFWk2Vy3taPtAsf1j0PsWcXhrtj2V+TUHAFA4dNUw83g8oRcn8r7FHf6Iyuako9iem41KAH/7E1O7ZDILiKqr1wofCxfSMl2Anipz2KZMGFkNtvryrT+eSAmCGV5JphnM6rF
X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DB7PR02MB5113.eurprd02.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230025)(4636009)(39860400002)(346002)(136003)(376002)(366004)(396003)(451199018)(31686004)(786003)(8676002)(66556008)(66476007)(66946007)(110136005)(316002)(8936002)(41300700001)(4326008)(5660300002)(235185007)(86362001)(31696002)(36756003)(38100700002)(53546011)(6506007)(21480400003)(186003)(6512007)(33964004)(44832011)(2906002)(41320700001)(6486002)(966005)(83380400001)(478600001)(2616005)(43740500002)(45980500001);DIR:OUT;SFP:1102;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: QnH4HNWwmY1jjyDREiMd9B0iwSHpdUtusCk28BRnxeh9TjAzHtjLWHaWgQJVSyI73iGznxZ3NpKkRpIzomAeI14QZduf1hdkMsTi8Zwb270UBNRNnWQ2sRgwLn89Y8tvJqGdzVLT4u3KbNBW0cnP9okRiYa/p3N/xZxUWtZuU6vzZCyMnyjNM/zHzA2ZhjJSSAoyChBf2EU8nO9H+ZUREwyoESWS0ITcooHy0R1v+xyMmIH2by5tYtQoJq1mTTMQGSE5AK1XkqUa5+Qy0b2P5t72xnWROOMCw+haaw0QL0kRsJcVbXsRy5m6ggzMZaECcH71ASvDOEZeW6sUuo7TkWyiVARiv5ox27EyZG9anXrqYt2GM24nH8LS4GvofrSWQy66Ybp5jvyzQhQJztHtgNapoaGTTOtbc/A787lsIRDuxsfco5rwyLirUYcwxWROW5cVihqm4bd73XFRsOGQ1/g76W4hEyd/P581aru4Jj2pofMVdflD9BdtJmsazapceX/WFvV4S+gMAm2Coz+sSVvEZgRQHWyartZ0DU9rT7qxx74KhnqyghNuUZMXRSlMAoWCjrhJIoTGyTtL5WIGoeTsZ3KrJWmy+1oR0iQ/ujJibRSwek04TcT9FKDHl8FsOBr3HZvZdAK5gTaFVsvTVHBErBgOerQkHWMkaAQ499WIDc9B+XWejt41gaVzNajxkyUJFuPrt9QIWNypVgZh9f08CQg/UxQPadLjhhZh9Gh2M5rukq44VpOBYDhRpL8VXUn0LQqyAMOB0fWNZjjPXlUdtD74v7lKkJLZzXZL1+D5RNQsCBdtDY2t7yHafYwTDJX2lnJYd+ClIUjT3JoruseR9jFEiQUP2iAd+a/J/7HekaVD0gZMJ/kBu1mZ2rlH9RHKheROB4bfK926Pqt+LWlU3yV7QNcI3BvoOEc7Zy8YCxDkzZNcDuFm0JVMrDLKnXBT57M/cAf+94T0739DNyAO6S7kl9YLsmk1tSDQZnoaN0HUH1QxEt0Cp6+XtTYqNPORriYL+5JBS4tXakQC7tfSAuGMhUACHBFN3HaI/Y6RTAC5aV8cjPr0IshIIDZcKNOkxUW6JtYOiaxFl33nN/rCCP4qnSztmY9J3jG2i4Y0Mca1+rVCwVJF4n/mRCJAKheee6S3QxpyFCpHHTe/nI9CW9V6msZasKzYRXoumY1BcGR7XrGZ6px2FSTX8J2SM6D6jzhIssx1nf5PRcomRXY1rTkemyWhPzUILnQoowIY1swajEMeHlUs6lAjV2e+CmYqxL5LEsnktrF0D67MOJIGNNpxrquiKmgzgr5oI0tVyR9yByEao1PmdyHjErp+cR+OMHRnmVsnNHjhf7hiRFGN3EdRnzPztK7jxa13gHcS/mC4Fp7M4GVkhxeQsgPO/yQYT/cJ0mHM5IN3ZFljmveRvEYxLs733suYbPlJe7EzouonotjTbEwiRNpSoIcFVcUjfQlRx0p9KdYrVNkleekblpJdSKhthxBDNKLFP88pdWUuY8Uc3tJ5bbzh9MLfjo1Os1hUcotZWmpkhSjeBbE++vV7HDQ8h3mDD15rhtN4ZA+BYSmiJsfigmpA5YISHoq6ljfbhryNbx9whBs0C6xqvCFfiXKrXfwvKfhHn4KqwVZCZSLEkXC4y9pxZ7xe
X-OriginatorOrg: cs.tcd.ie
X-MS-Exchange-CrossTenant-Network-Message-Id: 6a543f2f-38b1-4f91-d49e-08db09075d4b
X-MS-Exchange-CrossTenant-AuthSource: DB7PR02MB5113.eurprd02.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Feb 2023 12:32:24.1947 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: d595be8d-b306-45f4-8064-9e5b82fbe52b
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: UY6nDpzqNFEovaaIrV0h4Mj9ZO2G+6EhFOB8sIi25zzATnwPbWQ4Z6O9TUa1676/
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM7PR02MB6323
Received-SPF: pass client-ip=40.107.8.112; envelope-from=stephen.farrell@cs.tcd.ie; helo=EUR04-VI1-obe.outbound.protection.outlook.com
X-W3C-Hub-DKIM-Status: validation passed: (address=stephen.farrell@cs.tcd.ie domain=cs.tcd.ie), signature is good
X-W3C-Hub-Spam-Status: No, score=-6.2
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, NICE_REPLY_A=-1.148, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_IRA=-1, W3C_WL=-1
X-W3C-Scan-Sig: mimas.w3.org 1pPN9K-003yxI-J0 d430185829c57fbd9ece4f8568981ce1
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Call for Adoption: HTTP Unprompted Authentication
Archived-At: <https://www.w3.org/mid/7415fe6a-40c4-139b-af35-eb71f6ba5254@cs.tcd.ie>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/50687
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
Hiya, On 07/02/2023 05:58, Mark Nottingham wrote: > Hello everyone, > > We first discussed this draft at IETF114[1], saw implementation > interest at IETF115, [2] and finally had some more list discussion. > > This is a Call for Adoption for: > https://www.ietf.org/archive/id/draft-schinazi-httpbis-unprompted-auth-01.html > > Please indicate (in response to this message) whether you support > adoption, and whether you intend to implement. I'm not sure. Can someone clarify whether the u= field amounts to a super-cookie or not, and if not, how that might be the case? If there's a good answer to the above, I'd support adoption. If not, not. Thanks, S. PS: This has something in common with RFC7486 which was a (failed;-() attempt at a similar thing. I don't think this draft needs to refer to that, but if the authors weren't aware of it, they might be interested. > > The CfA will last for two weeks. > > Cheers, > > > 1. > https://httpwg.org/wg-materials/ietf114/minutes.html#transport-auth-david-schinazi > > 1. https://httpwg.org/wg-materials/ietf115/minutes.html#unprompted-auth > > -- Mark Nottingham https://www.mnot.net/ > >
- Call for Adoption: HTTP Unprompted Authentication Mark Nottingham
- Re: Call for Adoption: HTTP Unprompted Authentica… Stephen Farrell
- Re: Call for Adoption: HTTP Unprompted Authentica… Martin Thomson
- Re: Call for Adoption: HTTP Unprompted Authentica… Stephen Farrell
- Re: Call for Adoption: HTTP Unprompted Authentica… Ilari Liusvaara
- Re: Call for Adoption: HTTP Unprompted Authentica… Christopher Wood
- Re: Call for Adoption: HTTP Unprompted Authentica… David Schinazi
- Re: Call for Adoption: HTTP Unprompted Authentica… Stephen Farrell
- Re: Call for Adoption: HTTP Unprompted Authentica… Martin Thomson
- Re: Call for Adoption: HTTP Unprompted Authentica… Eric Kinnear
- Re: Call for Adoption: HTTP Unprompted Authentica… Mark Nottingham
- Re: Call for Adoption: HTTP Unprompted Authentica… David Schinazi
- Re: Call for Adoption: HTTP Unprompted Authentica… Eric J Bowman