IETF Logo Mail Archive

Re: Call for Adoption: draft-richanna-http-message-signatures

Manu Sporny <msporny@digitalbazaar.com> Mon, 20 January 2020 17:01 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7E6CD1208C9 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 20 Jan 2020 09:01:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.652
X-Spam-Level:
X-Spam-Status: No, score=-2.652 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.249, MAILING_LIST_MULTI=-1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ljv5a2_pTfA8 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 20 Jan 2020 09:00:47 -0800 (PST)
Received: from frink.w3.org (frink.w3.org [IPv6:2603:400a:ffff:804:801e:34:0:38]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 87766120947 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Mon, 20 Jan 2020 09:00:47 -0800 (PST)
Received: from lists by frink.w3.org with local (Exim 4.89) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1itaMs-0006Or-OA for ietf-http-wg-dist@listhub.w3.org; Mon, 20 Jan 2020 16:57:38 +0000
Resent-Date: Mon, 20 Jan 2020 16:57:38 +0000
Resent-Message-Id: <E1itaMs-0006Or-OA@frink.w3.org>
Received: from titan.w3.org ([2603:400a:ffff:804:801e:34:0:4c]) by frink.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from <msporny@digitalbazaar.com>) id 1itaMr-0006O5-EB for ietf-http-wg@listhub.w3.org; Mon, 20 Jan 2020 16:57:37 +0000
Received: from mail.digitalbazaar.com ([96.89.14.193]) by titan.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from <msporny@digitalbazaar.com>) id 1itaMm-0000E7-Ig for ietf-http-wg@w3.org; Mon, 20 Jan 2020 16:57:37 +0000
Received: from [192.168.0.149] by mail.digitalbazaar.com with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.89) (envelope-from <msporny@digitalbazaar.com>) id 1itaR6-0006Fh-1P for ietf-http-wg@w3.org; Mon, 20 Jan 2020 12:02:00 -0500
To: ietf-http-wg@w3.org
References: <76565D7E-C7F5-4D5D-BE3A-6E686E096B14@mnot.net>
From: Manu Sporny <msporny@digitalbazaar.com>
Message-ID: <143b0403-8a18-02de-a8d8-636a3d3ca9fd@digitalbazaar.com>
Date: Mon, 20 Jan 2020 11:57:29 -0500
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.0
MIME-Version: 1.0
In-Reply-To: <76565D7E-C7F5-4D5D-BE3A-6E686E096B14@mnot.net>
Content-Type: text/plain; charset="utf-8"
Content-Language: en-CA
Content-Transfer-Encoding: 7bit
X-SA-Exim-Connect-IP: 192.168.0.149
X-SA-Exim-Mail-From: msporny@digitalbazaar.com
X-SA-Exim-Scanned: No (on mail.digitalbazaar.com); SAEximRunCond expanded to false
Received-SPF: pass client-ip=96.89.14.193; envelope-from=msporny@digitalbazaar.com; helo=mail.digitalbazaar.com
X-W3C-Hub-Spam-Status: No, score=-8.9
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_DB=-1, W3C_IRA=-1, W3C_IRR=-3, W3C_WL=-1
X-W3C-Scan-Sig: titan.w3.org 1itaMm-0000E7-Ig 7c8538cc9e462954ba49c88633db2129
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Call for Adoption: draft-richanna-http-message-signatures
Archived-At: <https://www.w3.org/mid/143b0403-8a18-02de-a8d8-636a3d3ca9fd@digitalbazaar.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/37253
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

On 1/8/20 11:33 PM, Mark Nottingham wrote:
> To that end, this is a Call for Adoption of 
> draft-richanna-http-message-signatures-00. Since there hasn't been 
> extensive discussion yet, we're looking for more confirmation than 
> just absence of objection; we'd like folks to read the document and 
> state explicitly whether they support it as a starting point for a 
> work item.

I support the adoption of this work into the HTTP WG and support the use
of draft-richanna as a starting point.

My organization, Digital Bazaar, has used draft-cavage-* (which is the
basis for draft-richanna-*) extensively, has written multiple
implementations, and maintains the test suite. We will update our
implementations to track changes made by the HTTP WG and will endeavour
to convince the *22 other implementations* to also update their
implementations. More about this in a separate email.

Certain specifications that the W3C Decentralized Identifier Working
Group (DID Authentication over HTTP) and W3C Credential Community Group
(Authorization Capabilities, Encrypted Data Vault Authorization over
HTTP) may eventually depend on require the completion of this work as
well. Experimental implementations for work that builds on top of
draft-cavage-* already exists. The HTTP WG should not let those
specifications nor timelines impact its timeline on this work item, but
should be aware of that potential dependency if the work is adopted.

I'm currently in the process of mobilizing all the other implementers to
provide input on the Call for Adoption since many of them are probably
unaware that the call is happening now (that's on me, I've been delayed
in getting those emails out).

Finally, a huge thanks to Annabelle and Justin for picking up the baton
and running with this!

-- manu

-- 
Manu Sporny (skype: msporny, twitter: manusporny)
Founder/CEO - Digital Bazaar, Inc.
blog: Veres One Decentralized Identifier Blockchain Launches
https://tinyurl.com/veres-one-launches

v2.23.0 | Report a Bug | By Email