IETF Logo Mail Archive

Re: #148: Reasonable Assurances and H2C

Mark Nottingham <mnot@mnot.net> Sat, 20 February 2016 02:43 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 08FCD1B371F for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Fri, 19 Feb 2016 18:43:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.908
X-Spam-Level:
X-Spam-Status: No, score=-6.908 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.006, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gfXHL5WTxQ35 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Fri, 19 Feb 2016 18:43:30 -0800 (PST)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D2DAC1B3763 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Fri, 19 Feb 2016 18:43:27 -0800 (PST)
Received: from lists by frink.w3.org with local (Exim 4.80) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1aWxU4-00082C-A8 for ietf-http-wg-dist@listhub.w3.org; Sat, 20 Feb 2016 02:41:24 +0000
Resent-Date: Sat, 20 Feb 2016 02:41:24 +0000
Resent-Message-Id: <E1aWxU4-00082C-A8@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtps (TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <mnot@mnot.net>) id 1aWxTz-0007zs-6N for ietf-http-wg@listhub.w3.org; Sat, 20 Feb 2016 02:41:19 +0000
Received: from mxout-07.mxes.net ([216.86.168.182]) by lisa.w3.org with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from <mnot@mnot.net>) id 1aWxTw-0007B7-Lq for ietf-http-wg@w3.org; Sat, 20 Feb 2016 02:41:18 +0000
Received: from [192.168.1.101] (unknown [120.149.194.112]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.mxes.net (Postfix) with ESMTPSA id F416322E261; Fri, 19 Feb 2016 21:40:52 -0500 (EST)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 9.2 \(3112\))
From: Mark Nottingham <mnot@mnot.net>
In-Reply-To: <CABkgnnW3-c1qaC_N2UP5TLnPS0rrOYjOYFb4nhUzfQ_8AFsTJA@mail.gmail.com>
Date: Sat, 20 Feb 2016 13:40:50 +1100
Cc: HTTP WG <ietf-http-wg@w3.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <072D900D-422E-4168-8DCF-51A739BC9E5A@mnot.net>
References: <20160209074851.32332.24065.idtracker@ietfa.amsl.com> <20160209182822.C37A959F@welho-filter2.welho.com> <B7164F24-DDA1-4753-8A8B-04809B1965FF@mnot.net> <CAC4RtVCCExJNE0y8480vC1W56NP4XhzfvLs+ASh1Qy-UcDPBNw@mail.gmail.com> <C2145C5A-0255-43F9-A44A-F6C7974CDD4C@mnot.net> <CABkgnnW3-c1qaC_N2UP5TLnPS0rrOYjOYFb4nhUzfQ_8AFsTJA@mail.gmail.com>
To: Martin Thomson <martin.thomson@gmail.com>
X-Mailer: Apple Mail (2.3112)
Received-SPF: pass client-ip=216.86.168.182; envelope-from=mnot@mnot.net; helo=mxout-07.mxes.net
X-W3C-Hub-Spam-Status: No, score=-8.2
X-W3C-Hub-Spam-Report: AWL=1.359, BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_DB=-1, W3C_IRA=-1, W3C_IRR=-3, W3C_WL=-1
X-W3C-Scan-Sig: lisa.w3.org 1aWxTw-0007B7-Lq 005059a4c7d9eeaf878711c4d1db72e5
X-Original-To: ietf-http-wg@w3.org
Subject: Re: #148: Reasonable Assurances and H2C
Archived-At: <http://www.w3.org/mid/072D900D-422E-4168-8DCF-51A739BC9E5A@mnot.net>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/31081
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

> On 20 Feb 2016, at 1:37 PM, Martin Thomson <martin.thomson@gmail.com> wrote:
> 
> On 19 February 2016 at 18:16, Mark Nottingham <mnot@mnot.net> wrote:
>> The remaining question (3 in the issue) is whether we should firm up the definition of "reasonable assurances" to require another way of achieving that to be documented in an RFC that updates this one.
>> 
>> Mike B has already supported this approach; what do others think?
> 
> I think that it's a fine approach.
> 
> Are we simply going to reference RFC 2818 in defining "reasonable
> assurances"?  Maybe with a "Assurances that are considered reasonable
> might include the certificate checks defined in RFC 2818, though
> additional or alternative checks might be used by clients."

I think so, although with language stronger than "might include"; e.g.,

"For the purposes of this document, "reasonable assurances" can be established through use of a TLS-based protocol with the certificate checks defined in RFC2818. Other means of establishing them MUST be documented in an RFC that updates this specification. Clients MAY impose additional criteria for establishing reasonable assurances."


--
Mark Nottingham   https://www.mnot.net/

v2.30.2 | Report a Bug | By Email | System Status