IETF Logo Mail Archive

Re: Bikeshed: "context" parameter for signatures

Justin Richer <jricher@mit.edu> Sat, 24 September 2022 18:50 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 294C3C14F733 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sat, 24 Sep 2022 11:50:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.762
X-Spam-Level:
X-Spam-Status: No, score=-7.762 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=mit.edu
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WxYebj9DOj2z for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sat, 24 Sep 2022 11:49:59 -0700 (PDT)
Received: from lyra.w3.org (lyra.w3.org [128.30.52.18]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A4C5BC14F72B for <httpbisa-archive-bis2Juki@lists.ietf.org>; Sat, 24 Sep 2022 11:49:59 -0700 (PDT)
Received: from lists by lyra.w3.org with local (Exim 4.94.2) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1ocABE-001JRb-RS for ietf-http-wg-dist@listhub.w3.org; Sat, 24 Sep 2022 18:47:12 +0000
Resent-Date: Sat, 24 Sep 2022 18:47:12 +0000
Resent-Message-Id: <E1ocABE-001JRb-RS@lyra.w3.org>
Received: from mimas.w3.org ([128.30.52.79]) by lyra.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from <jricher@mit.edu>) id 1ocABB-001JQd-Ns for ietf-http-wg@listhub.w3.org; Sat, 24 Sep 2022 18:47:09 +0000
Received: from outgoing-exchange-1.mit.edu ([18.9.28.15]) by mimas.w3.org with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from <jricher@mit.edu>) id 1ocABA-0030N2-3D for ietf-http-wg@w3.org; Sat, 24 Sep 2022 18:47:09 +0000
Received: from w92exedge4.exchange.mit.edu (W92EXEDGE4.EXCHANGE.MIT.EDU [18.7.73.16]) by outgoing-exchange-1.mit.edu (8.14.7/8.12.4) with ESMTP id 28OIkrBl030758; Sat, 24 Sep 2022 14:46:54 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mit.edu; s=outgoing; t=1664045215; bh=EHvWzw9xv0udnTju6sCXH+ebqAfkcPYIgEx6zX5PRCE=; h=From:To:CC:Subject:Date:References:In-Reply-To; b=aNx+XqyvCKxHF8/5RNpFD6ukpJmpMzoQS/C8smquIikXO5ezR4CBtLaFsLyIAZWyh ZK6jDTcprN8xm0iFBYl/BS0hpOzqlmrXLN6C4itbx0I3SN7s6wDL58guKn5Ytf2YxN fTWSFEI4FyJBaNb5qQN486RG1YRM5hSpPJLeJmq78CHRcN8FCSCKYHL9f4AdWKw8ya zMTN7qXDBfJm6Lfq6Z3LgT6RqiDmG+QRyyEfA+SdNbBjUMiJW/irqDKHcu7RkBW2kb DGXtzx+1YIRo+1EMu0BEpf8pZ3CPGUg1C2Tw8TcbwsaCx18Z12QM+scQuOAr7Gvvk+ N5LQ3tX2Vv3GQ==
Received: from oc11expo12.exchange.mit.edu (18.9.4.17) by w92exedge4.exchange.mit.edu (18.7.73.16) with Microsoft SMTP Server (TLS) id 15.0.1497.38; Sat, 24 Sep 2022 14:46:34 -0400
Received: from oc11exhyb7.exchange.mit.edu (18.9.1.112) by oc11expo12.exchange.mit.edu (18.9.4.17) with Microsoft SMTP Server (TLS) id 15.0.1497.23; Sat, 24 Sep 2022 14:46:53 -0400
Received: from NAM12-MW2-obe.outbound.protection.outlook.com (104.47.66.45) by oc11exhyb7.exchange.mit.edu (18.9.1.112) with Microsoft SMTP Server (TLS) id 15.0.1497.36 via Frontend Transport; Sat, 24 Sep 2022 14:46:52 -0400
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ZnqvgvSEPQIL9wP6T5hixUuFhbPgT+W6x75cXrmIqE6lhsOMSwsz36xURDzMl/2oHkAOJuMInEt2uzO7Yu8nuqrg/WWJ9QKsr3PDNFgNK5FpWtoS833VGUOxkX7iC7PjP8t8KhPoaf1zIzT6PBS2l5hMqNZn1Y+34esQ/SYMtYot7om8DDWT0w4m5Nn0TD/2ys/OTz+fNbQYlnoURrT2zxIJVNjH3AR2Yp7OqffHQaSRKVi/KXbvB5DMA0yxupHTVeCbWaSAA/lYy+37pLt0bwGILrRG3qTzFEWEZygfutbPclDj4IU805KWU7En3HheT5opgWWggYtZRZJVDpdE8g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=EHvWzw9xv0udnTju6sCXH+ebqAfkcPYIgEx6zX5PRCE=; b=D6eVjllRws3oTa352pNxJe5U4UYeN6LrJgAQXHkE/zFEp1qro7d0h6cZh7OP977uL97GW0WUJlsi/5smvKUYl+6EnH/bjmk4Z0CLzXyW88hjik7Fq/iPMGkCjs7+qHjeI92OozPg47D/doeQAB97FrTU8f9S9xUopvwh+UWUipK9a14hLeaaoV4+nXJhNM5TU27jEQAepKNVf16Cggxd8+5V+e6SyEYkUtCtlGf+Wt8LBcttj6GiRxwHHBPtR91UR5k9Lq41F0nKOxTKiIGB/0nT+m/QSRotO7tCsH426Gpg/Ba4Tng7YvIGUN4NpXuqXRqU/e0Z1yJyTXKH1ih/EA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=mit.edu; dmarc=pass action=none header.from=mit.edu; dkim=pass header.d=mit.edu; arc=none
Received: from DM6PR01MB4444.prod.exchangelabs.com (2603:10b6:5:78::15) by CO2PR01MB1958.prod.exchangelabs.com (2603:10b6:102:9::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5654.20; Sat, 24 Sep 2022 18:46:50 +0000
Received: from DM6PR01MB4444.prod.exchangelabs.com ([fe80::8d7a:9afa:1e48:eac0]) by DM6PR01MB4444.prod.exchangelabs.com ([fe80::8d7a:9afa:1e48:eac0%4]) with mapi id 15.20.5654.018; Sat, 24 Sep 2022 18:46:50 +0000
From: Justin Richer <jricher@mit.edu>
To: Tyler Ham <tyler@thamtech.com>, Lucas Pardue <lucaspardue.24.7@gmail.com>
CC: "Backman, Annabelle" <richanna@amazon.com>, HTTP Working Group <ietf-http-wg@w3.org>
Thread-Topic: Bikeshed: "context" parameter for signatures
Thread-Index: AQHYzpE9Gd/XIutr+UGzesthTZtCQK3rzBoAgAFwHYCAAAvKgIAAONoAgAFt6Ug=
Date: Sat, 24 Sep 2022 18:46:50 +0000
Message-ID: <DM6PR01MB4444DD240BE510216792FAB2BD509@DM6PR01MB4444.prod.exchangelabs.com>
References: <54FD011B-AD69-4354-A1A1-D6F019DCB541@mit.edu> <CAGQ3E+eLfq5rLVnmjaLVh1oepTVD+Mgtko4mUpvigWRxEwvBpA@mail.gmail.com> <8FD4B671-76CB-4FC4-89A0-5FD125E843D5@amazon.com> <CALGR9oYWVzNB8AG51AW4g=VRWG42bS9sExcNU5PO9nXYo+NPug@mail.gmail.com> <CAGQ3E+ePQTh=+851ucNpaFwLfu1XnjgmfWOjHqLYgekBvtr0sQ@mail.gmail.com>
In-Reply-To: <CAGQ3E+ePQTh=+851ucNpaFwLfu1XnjgmfWOjHqLYgekBvtr0sQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=mit.edu;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: DM6PR01MB4444:EE_|CO2PR01MB1958:EE_
x-ms-office365-filtering-correlation-id: 113a55f5-f209-418e-c1ba-08da9e5d2419
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: LPTjZm3ci7o7sahJDeSM1T+EVf5Iak50PTAMkQJfWMeaG++tfS4Y/IYU8jb8eJjVEXSC6cWbJwylzY6t1u1eIwZ4jaiXL8xyXw3+dXJZvq92dFKenEFWPaXDxKoNrbAC7sIKkBqhOkPLUqTvMl+CD+OjexoW1d1rC2nPn9nUGi0Fl6HIDhrZKSbdBIykfTR8Z1MPlLu5/jxYf3y2Hz0OUP2vLpq25J0PCBycNDCiZ/TJLMZW+z6r3HSxkATeo7DZ1FURegwpAotzU2oxoPlqID7btSxpFFsthI1OUvGyY87jkn/FkOTDQF88umkzsq81dXVKw2CO65MA+xF7FlXFJ0E78Xq4SjvyHWw8HRnvdx4b4veOcj8ZcDY2qWyOuOM2/vXpMKZh3BumlE9yBOlnOwySxqQ2+5cYXiUl11k5/cTJbevSvlCJ6qCNn/SVarB1gP2xJSYKGgqPF2SVn2/+GtGFLTSSpaSUF13MNOHJjIo3sOCXfHHj5110Cz/ExH0HYKI2qvncgStsZffHeyD5bAm1srWDY2ojRQihklXEXGkF7wB9oJ6HUvv2NVsSA/Gk/knAVm6wOwuxTtIuS+iCYfhGwRaslXQwiYsbM+S/2BQXJbb5xG4FrhGc5nLLYJooe2150/R4Pk5/TYyK0ahMcFG1zhSeV5xWJShYyAMRQBwZE64Bzz7TRZ0x2Ubj6INohwcmD27tehWCHis2qIL/ayTp89BG0hcZBSMEa26dxEqjWtMpY/GHYMc2eCnCjHN5ZO9dBtuoP6Iv20VTp4JZX+sJ6neOWlcNbRTjZ3sw58a0zyT1uCDG/SWSh/xt1GhnWicH6Jr2p1ygTGWgWR4XGA==
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM6PR01MB4444.prod.exchangelabs.com;PTR:;CAT:NONE;SFS:(13230022)(4636009)(366004)(346002)(136003)(376002)(39860400002)(396003)(451199015)(316002)(110136005)(786003)(54906003)(966005)(91956017)(76116006)(66946007)(66556008)(71200400001)(4326008)(8676002)(41300700001)(66476007)(5660300002)(38100700002)(66446008)(64756008)(33656002)(9686003)(53546011)(26005)(7696005)(8936002)(52536014)(6506007)(478600001)(122000001)(166002)(2906002)(55016003)(75432002)(38070700005)(86362001)(186003)(83380400001);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: GUQyv1z5O5FAQD8S0V7arNV0rIcPQgP1Q7yiKMFt+dyDmgQT5xXfQ8j7z5EuqpAbKw6ptmJ4Cf2X+pAErAQaTwwFWWE2nsDxdr6YrLVSpvlg3poWbwRFUpvmCmCFhj8HbBMjHJUpu3EDuT0a7FuoMUO4A4AvRXbgYBNY7mrfCZnGaH+5uX7i9zwL62lg9lrk42+rMfKOGlDy+vPivF67jgFCToOiXMrHd7QAzW5p70KUjZbGgPwm4+mHWpK2MhO20dPgR1ypkkmlB+x9F84J2S5mN7GwZeEYq7wLOT/EVR+hy1OZ1W7yZSaHsIjQszZph8mpSAqUABqAe0N6i/eJAe2b+x8HjZJiza1XLQqe0t9qtUywLfZoA61nVnki0949PM1yPTS1/GPqA9zYrsp0c4ahX9z9iDjtrk/9fNFdwq0Bdms93m3UDB2f5otYKWA1w7OgqOXdd6RMZaxEU/LR0r+GqTDeN6S3bie3wM+HvMsIad+liOzkDp9pdEjdH9pDSA57FLe0g6qFYDGG1dwGUhpQzbyyCOt2DVnbuPFjV98YLDA9zXUN+tCyLcSTX6IKuRItY574LRK2zZuXWw47sRyC14jG64BVdNaQFDnQ4e/0lQJUqViHj+rCbG9mS6izpB6+LVYHN0y39zO67jX0xtvHlFZKY2aL515zECA5AXlgDHT1ryLLlhw3Ze7sHcwunaGrmCctSfU8nLI1Q6ebSwVT4cKu3bK/khKVXZWpZKnsaW2rYkJFxC3vmpSSD7ho0cb9J/WIhZMaXSYB0RNIuvGtGq59TYen4guxwRHItLFqNJ7HHMN45eQNFYdl4+8TMF8AtnV3fbgGdaHDx2qOXo9UbaVCVwQNJ0BWOMH8viepiMS16eSSl0FA4YgIiNIKnWGWjE3cRoOOjnuYEoR0zOgMvyExMXQ6pHksWOvzqUbFyInxsPCGQ8UD4/JEy11/zW1Q8odKAKWsn/sM9j4P/THOs6ovO2TxY5MmIbDudQ9uikhYdXUKIsfcFXg9uXGZ28y9C/SQ+qOcuZA4UNYf8msYakBCBoFNc3Yt0EIj8dvmkoKdK5YKtJSYUnaFRiuEeYcZ2q0JY8a4XLQ5u3W/D8DSFrmj2KRagkJ0rO3TPSFIj60Zph/TAYcNeWywx/6lAw7THXpLm1p6c5F7uKJZncJaXvirgc3fE/DsgorXdGBPaPhw2efCdC8qtZLZQSGroBG9kAumdPyXefd5FfM+2lP+cNsBJz7TN7d93NAtrl+2sKAgUBWZ74Xc0Tj62m+Hsqq1JKq8cF9s9Oj0gEvuP/H1sWnRc+CfxZhNSF6iNXV7PoX0nnYZTS0Bo9CFzhoRd35O2Gm9aia5C3SaX8i0mbGrKg5xCAvyR+9OG79JDd8nPnrwPuge1Dy0aimZ1QCZpdbhST5xLOpZEAs5GW/RV7PCKvwd8zkhub1tCp6JQbPADbjGa+k+d5vf1WGXkJ75Z9VLw3weGuzd9SiXLxx8Ovu9hfV2/zAIJ9rl/l3tnaG8t3WoSooWqhTQRnAVdtCTpphLybfngnfPZpyFqaCkf2xQ9YYyjbRs0sEPtFriRls=
Content-Type: multipart/alternative; boundary="_000_DM6PR01MB4444DD240BE510216792FAB2BD509DM6PR01MB4444prod_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DM6PR01MB4444.prod.exchangelabs.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 113a55f5-f209-418e-c1ba-08da9e5d2419
X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Sep 2022 18:46:50.0536 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: Rb7CDo2BB6TrXiuwZ5Ljq2Azy1CJcV874lQVpmuPES+kYI07XVVu0StwHpHNl7SD
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO2PR01MB1958
X-OriginatorOrg: mit.edu
X-W3C-Hub-DKIM-Status: validation passed: (address=jricher@mit.edu domain=mit.edu), signature is good
X-W3C-Hub-Spam-Status: No, score=-7.4
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_IRA=-1, W3C_WL=-1
X-W3C-Scan-Sig: mimas.w3.org 1ocABA-0030N2-3D 24a93731569c2f32aba48880500500c7
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Bikeshed: "context" parameter for signatures
Archived-At: <https://www.w3.org/mid/DM6PR01MB4444DD240BE510216792FAB2BD509@DM6PR01MB4444.prod.exchangelabs.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/40409
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

I just pushed a PR to rename the parameter to tag. The examples still need to be recalculated but I think this is probably the right name for this:

https://github.com/httpwg/http-extensions/pull/2253
________________________________
From: Tyler Ham <tyler@thamtech.com>
Sent: Friday, September 23, 2022 4:56 PM
To: Lucas Pardue <lucaspardue.24.7@gmail.com>
Cc: Backman, Annabelle <richanna@amazon.com>; Justin Richer <jricher@mit.edu>; HTTP Working Group <ietf-http-wg@w3.org>
Subject: Re: Bikeshed: "context" parameter for signatures

I agree with those thoughts. I like "tag" slightly better than "label", but both sound good to me.

The words "domain", "reference", and "ref" also come to mind. I think these are worse for various reasons, but wanted to toss them out there in case they spark any other ideas.

Tyler


On Fri, Sep 23, 2022, 11:33 AM Lucas Pardue <lucaspardue.24.7@gmail.com<mailto:lucaspardue.24.7@gmail.com>> wrote:
"tag" or "label" sound like good options to me.

On Fri, Sep 23, 2022 at 5:54 PM Backman, Annabelle <richanna@amazon.com<mailto:richanna@amazon.com>> wrote:
"appdata" doesn't address the structured data concerns Justin raised, which I agree with.

I like "tag" or "label", as they capture both the variable, application-defined meaning of this parameter's value, and its optionality.

—
Annabelle Backman (she/her)
richanna@amazon.com<mailto:richanna@amazon.com>




On Sep 22, 2022, at 11:53 AM, Tyler Ham <tyler@thamtech.com<mailto:tyler@thamtech.com>> wrote:


CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe.

My first thought when I see the labels "app" and "application" is that the value is meant to be the name of an application.

How about something like "appdata"? This changes the noun to a generic "data", but it keeps "app" in there as an adjective to indicate that this parameter is for something application-specific.

Tyler


On Thu, Sep 22, 2022, 8:43 AM Justin Richer <jricher@mit.edu<mailto:jricher@mit.edu>> wrote:
I missed an issue that had been filed (but not tagged) prior to the publication of signatures-12, and it asks a pretty simple question:

We added a “context” parameter to allow applications to put a specific string that the application can recognize into the signature parameter set, so that (for example) an authz protocol can declare that a specific value be used or a cloud deployment can have all of its proxies use the same value. However, the term “context” is used in other ways in the spec, so it’s not the best term to use for this new parameter. The proposal is to change “context” to “application” or even the shorter “app”:

https://github.com/httpwg/http-extensions/issues/2249


I’d like to do a quick bike shed on this parameter name here, for anyone who has an opinion. Since it’s newer, existing libraries mostly don’t have it supported yet so if we’re going to change it we should change it right now.


Thanks,
 — Justin

v2.37.1 | Report a Bug | By Email | System Status