Re: I-D Action: draft-ietf-httpbis-message-signatures-12.txt

Justin Richer <jricher@mit.edu> Tue, 20 September 2022 22:27 UTC

From: Justin Richer <jricher@mit.edu>
To: HTTP Working Group <ietf-http-wg@w3.org>
CC: "i-d-announce@ietf.org" <i-d-announce@ietf.org>
Archived-At: <https://www.w3.org/mid/EC39B90D-8B82-47B4-B1E8-9C2837C235C9@mit.edu>

Not a lot here: 

 - added a new algorithm definition based on feedback from a large implementor (ECDSA on curve P-384)
 - shuffled around the security considerations into categories
 - added the “context” parameter for applications to use as an application-specific label

All issues tagged “signature” are closed, and the editors believe that this document is ready for last call.

Chairs, we would like to start the WGLC process.

 — Justin

> On Sep 20, 2022, at 6:20 PM, internet-drafts@ietf.org wrote:
> 
> 
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the HTTP WG of the IETF.
> 
>        Title           : HTTP Message Signatures
>        Authors         : Annabelle Backman
>                          Justin Richer
>                          Manu Sporny
>        Filename        : draft-ietf-httpbis-message-signatures-12.txt
>        Pages           : 99
>        Date            : 2022-09-20
> 
> Abstract:
>   This document describes a mechanism for creating, encoding, and
>   verifying digital signatures or message authentication codes over
>   components of an HTTP message.  This mechanism supports use cases
>   where the full HTTP message may not be known to the signer, and where
>   the message may be transformed (e.g., by intermediaries) before
>   reaching the verifier.  This document also describes a means for
>   requesting that a signature be applied to a subsequent HTTP message
>   in an ongoing HTTP exchange.
> 
> 
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-httpbis-message-signatures/
> 
> There is also an HTML version available at:
> https://www.ietf.org/archive/id/draft-ietf-httpbis-message-signatures-12.html
> 
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-httpbis-message-signatures-12
> 
> 
> Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts
> 
> 
>