IETF Logo Mail Archive

Re: Call for Adoption: HTTP Unprompted Authentication

Martin Thomson <mt@lowentropy.net> Tue, 07 February 2023 12:58 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E9ABAC14CE51 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 7 Feb 2023 04:58:15 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.748
X-Spam-Level:
X-Spam-Status: No, score=-2.748 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25, MAILING_LIST_MULTI=-1, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lowentropy.net header.b="wpEerFim"; dkim=pass (2048-bit key) header.d=messagingengine.com header.b="Ak52MCHM"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Sz8bOakh7F_M for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 7 Feb 2023 04:58:11 -0800 (PST)
Received: from lyra.w3.org (lyra.w3.org [128.30.52.18]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3A454C14F730 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Tue, 7 Feb 2023 04:58:10 -0800 (PST)
Received: from lists by lyra.w3.org with local (Exim 4.94.2) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1pPNXK-00BTDO-IQ for ietf-http-wg-dist@listhub.w3.org; Tue, 07 Feb 2023 12:57:26 +0000
Resent-Date: Tue, 07 Feb 2023 12:57:26 +0000
Resent-Message-Id: <E1pPNXK-00BTDO-IQ@lyra.w3.org>
Received: from titan.w3.org ([128.30.52.76]) by lyra.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from <mt@lowentropy.net>) id 1pPNXI-00BTBx-5H for ietf-http-wg@listhub.w3.org; Tue, 07 Feb 2023 12:57:24 +0000
Received: from new4-smtp.messagingengine.com ([66.111.4.230]) by titan.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from <mt@lowentropy.net>) id 1pPNXE-00BP5m-Q9 for ietf-http-wg@w3.org; Tue, 07 Feb 2023 12:57:24 +0000
Received: from compute6.internal (compute6.nyi.internal [10.202.2.47]) by mailnew.nyi.internal (Postfix) with ESMTP id 89C6E581F7B for <ietf-http-wg@w3.org>; Tue, 7 Feb 2023 07:57:09 -0500 (EST)
Received: from imap41 ([10.202.2.91]) by compute6.internal (MEProxy); Tue, 07 Feb 2023 07:57:09 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lowentropy.net; h=cc:content-type:date:date:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to; s=fm1; t=1675774629; x=1675781829; bh=o7k3UA8NNt dM1uT4BANRMqHGdFU8Miq8gSWEyay/gZE=; b=wpEerFim5enGs3XWbqPcap7Aya T1SdbokxhihffIY3N+BPrVsaY7Rcq//82aqGLe8RBIFjbYr8JBNReYsKhwc3P46l qYpgFCz/SeCceJby9QNscA+Du907SniGXMNRChh/gvnJHxPZsDfXzG3yz+AxkyeA PyWxT3lL2kcX8NYTibyP5G8aasAjVxGn3lVDlgcfNrZJfOJ5zRAKJpZfYV153NCo P4lUq1lvHgzDvr42q1AkwvLTcHGD6qd+S2RYl6sPgADqYX3Wh2TMUJiQy06DK52x EKXm5rcm7gm1wdcvW4K+n9ku6ZU4K3IqfmORBhukOPwAmwbn6LWiMgRs7/WA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:date:feedback-id :feedback-id:from:from:in-reply-to:in-reply-to:message-id :mime-version:references:reply-to:sender:subject:subject:to:to :x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm3; t=1675774629; x=1675781829; bh=o7k3UA8NNtdM1uT4BANRMqHGdFU8 Miq8gSWEyay/gZE=; b=Ak52MCHMD7d+NijskHJxaRAvdG8B/33gkYQfd+Fr3MN6 qLgQVlxj0V3iSQaB/lVButH4EXMZejY4Ou6/b+kbBy4AalzLM2UBJ8ymJsaNHbdc LmQwiNYWXPzUkw0aPBwYiBEj4TDQfY6AGBypz/Sf2IC+lcpA3dw21anBUvmprxDt gBx59jp4Y1chayXobeslXUueE617zf9yzBiRnyrt7CQtxQwOkLqojMfkHer1+RGC ggwLuTjeXrMdlXU6+eWqG0nxeB2ac4x3FiNZAtO6WQDvaxDyu0k2bIAX1zY2H3e1 Rp2J3zIbfN8T3QjfTPRvABRXp6rNa+IXLrsCqSyt5A==
X-ME-Sender: <xms:pUriY5vR9He6beBHnXcUneru944TPdeSw3KWaKc6vBsxTJJ03BOA5w> <xme:pUriYyedaPSpWBW3neLW0iG8USlqwrGa6lehJzSSJ9euEak1yCzmQQVtlcwXvbVm_ zz4R5GwdmsZSfOX0LQ>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedrudegkedggeegucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefofgggkfgjfhffhffvufgtsehttd ertderredtnecuhfhrohhmpedfofgrrhhtihhnucfvhhhomhhsohhnfdcuoehmtheslhho figvnhhtrhhophihrdhnvghtqeenucggtffrrghtthgvrhhnpeekteeuieektdekleefke evhfekffevvdevgfekgfeluefgvdejjeegffeigedtjeenucevlhhushhtvghrufhiiigv pedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehmtheslhhofigvnhhtrhhophihrdhnvg ht
X-ME-Proxy: <xmx:pUriY8xLELdAO4yaTtj-n6jluil0r8VvxR0ht0lRKRpQEbtylzpUag> <xmx:pUriYwP6_KIEbMzo4ToHVYj8B_VGxOfr2zntploRCzTz1cr80lJMjQ> <xmx:pUriY5_pXP_Ik2cAuQtVfb4-cvNPTcVlRLUgy2mBwMmysJQeTulEcA> <xmx:pUriY8K0daFiTnyMfJlMLRxvIdJrd0T-8qIKHtCozYmMjBg8uSN2mw>
Feedback-ID: ic129442d:Fastmail
Received: by mailuser.nyi.internal (Postfix, from userid 501) id 35472234007B; Tue, 7 Feb 2023 07:57:09 -0500 (EST)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.9.0-alpha0-156-g081acc5ed5-fm-20230206.001-g081acc5e
Mime-Version: 1.0
Message-Id: <397fa423-e8d7-44f3-893f-a1e8eddb8065@app.fastmail.com>
In-Reply-To: <7415fe6a-40c4-139b-af35-eb71f6ba5254@cs.tcd.ie>
References: <6532E43F-74FD-46B4-8D28-9DB03452A689@mnot.net> <7415fe6a-40c4-139b-af35-eb71f6ba5254@cs.tcd.ie>
Date: Tue, 07 Feb 2023 07:56:49 -0500
From: Martin Thomson <mt@lowentropy.net>
To: ietf-http-wg@w3.org
Content-Type: text/plain
Received-SPF: pass client-ip=66.111.4.230; envelope-from=mt@lowentropy.net; helo=new4-smtp.messagingengine.com
X-W3C-Hub-DKIM-Status: validation passed: (address=mt@lowentropy.net domain=lowentropy.net), signature is good
X-W3C-Hub-DKIM-Status: validation passed: (address=mt@lowentropy.net domain=messagingengine.com), signature is good
X-W3C-Hub-Spam-Status: No, score=-6.8
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_DB=-1, W3C_IRA=-1, W3C_WL=-1
X-W3C-Scan-Sig: titan.w3.org 1pPNXE-00BP5m-Q9 c409c212b65c14fee0d8277be243de96
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Call for Adoption: HTTP Unprompted Authentication
Archived-At: <https://www.w3.org/mid/397fa423-e8d7-44f3-893f-a1e8eddb8065@app.fastmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/50688
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

On Tue, Feb 7, 2023, at 07:32, Stephen Farrell wrote:
> Can someone clarify whether the u= field amounts
> to a super-cookie or not, and if not, how that
> might be the case?

It doesn't have to be.  Each site (*) could get a different key pair and key identifier.

The draft doesn't say that though, so you are right to ask.  This is probably another case where documenting a little more detail about the usage context could help.

(*) That's a web term, I know, but the question was also web-related.  The more general way to approach this is to say that for servers where the client would not otherwise be linkable, the client must use different keys and key identifiers.  On the web, the boundary we use to determine when linkability is assumed or not is site.

v2.39.1 | Report a Bug | By Email | System Status