Re: Kathleen Moriarty's Discuss on draft-ietf-httpbis-tunnel-protocol-04: (with DISCUSS and COMMENT)
Martin Thomson <martin.thomson@gmail.com> Tue, 09 June 2015 22:29 UTC
To: Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com>
Cc: The IESG <iesg@ietf.org>, httpbis-chairs@ietf.org, Mark Nottingham <mnot@mnot.net>, draft-ietf-httpbis-tunnel-protocol.shepherd@ietf.org, draft-ietf-httpbis-tunnel-protocol.ad@ietf.org, draft-ietf-httpbis-tunnel-protocol@ietf.org, HTTP Working Group <ietf-http-wg@w3.org>
Hi Kathleen,

I've responded separately to the secdir review. There was a lot of overlap between that and Stephen's review.

On 9 June 2015 at 13:59, Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com> wrote:
> It seems to me that authentication relies on TLS. Maybe stating this
> explicitly would address the concern? Is there a reason this should be
> in the ALPN header (I'm not sure of that, just asking)?

We're not actually authenticating this stuff. As I noted in my other response, this is a promise that the client makes and one that the proxy cannot enforce (because, TLS).

So the real uses for this header field are: prioritization (move connections from slow and fat pipes to fast and thin pipes, maybe), or early and cleaner denial. The latter allows the proxy to quickly generate an HTTP status code without having to do DPI or whatever other eldritch horrors they currently are forced to do to recognize and deny things they don't want.

The WebRTC case is interesting, because you can actually have some assurance about the trustworthiness of the header field. If you trust the browsers, that is (though I'm not advocating that, browser people are the most untrustworthy).
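
The "early and cleaner denial" use described in the message above, as an added example that is not part of the original email or of the draft: a proxy answers a CONNECT request from the declared ALPN header field alone. The deny list, function names and sample requests are constructed, and the comma-separated, percent-encoded field value is an assumption about the draft's syntax.

```python
from urllib.parse import unquote_to_bytes

# Constructed policy for a hypothetical proxy: protocol IDs it will not tunnel.
DENIED = {b"webrtc", b"c-webrtc"}

def declared_protocols(head: bytes) -> list:
    """Collect percent-decoded protocol IDs from every ALPN field in a request head."""
    ids = []
    for line in head.split(b"\r\n")[1:]:
        if not line:
            break  # blank line ends the header section
        name, sep, value = line.partition(b":")
        if sep and name.lower() == b"alpn":
            ids += [unquote_to_bytes(t.strip()) for t in value.split(b",") if t.strip()]
    return ids

def decide(head: bytes) -> tuple:
    """Return (status, reason) using only what the client declared."""
    parts = head.split(b"\r\n", 1)[0].split(b" ")
    if len(parts) != 3 or parts[0] != b"CONNECT":
        return 400, "not a CONNECT request"
    ids = declared_protocols(head)
    blocked = sorted(p.decode("latin-1") for p in ids if p in DENIED)
    if blocked:
        # Early denial: a status code before any upstream connection or inspection.
        return 403, "declared protocol denied: " + ", ".join(blocked)
    if not ids:
        # No declaration: the proxy learns nothing and must fall back to other policy.
        return 200, "no ALPN declaration"
    # The declaration is a client promise; inside TLS the proxy cannot check it.
    return 200, "declared (unverified): " + ", ".join(p.decode("latin-1") for p in ids)

# Constructed sample requests.
REQ_WEB = (b"CONNECT www.example.com:443 HTTP/1.1\r\n"
           b"Host: www.example.com:443\r\nALPN: h2, http%2F1.1\r\n\r\n")
REQ_WEBRTC = (b"CONNECT turn.example.net:443 HTTP/1.1\r\n"
              b"Host: turn.example.net:443\r\nALPN: webrtc\r\n\r\n")
REQ_SILENT = b"CONNECT www.example.com:443 HTTP/1.1\r\nHost: www.example.com:443\r\n\r\n"

if __name__ == "__main__":
    for req in (REQ_WEB, REQ_WEBRTC, REQ_SILENT):
        print(decide(req))
```
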