Re: Alt-Svc WGLC

Kyle Rose <krose@krose.org> Tue, 12 January 2016 00:53 UTC

To: Martin Thomson <martin.thomson@gmail.com>
Cc: Julian Reschke <julian.reschke@gmx.de>, Hervé Ruellan <herve.ruellan@crf.canon.fr>, HTTP Working Group <ietf-http-wg@w3.org>

Got it. (I don't like the language in the proposed change, but I don't
think my misunderstanding is necessarily reflective of ambiguity, more
of my thinking this was from a different section of the draft,
drastically changing the context in my mind.)

From host_security, the issue seems to be:

 * If strong authentication is not used, then the origin and the
alternative service host must be the same
 * If strong authentication *is* used, then the host for the
alternative service must authenticate itself as the origin

Is the language in the second bullet point both precise enough to
limit the alt-svc hosts to what we mean, but broad enough to encompass
existing authentication schemes? If so, then maybe something like:

"Clients MUST NOT use unauthenticated alternative services with a host
that is different from the origin or authenticated alternative
services with a host that does not authenticate itself as the origin."

It has to be somewhat imprecise (what does it mean to "authenticate
itself as the origin"?) to be broadly applicable.

Kyle

On Mon, Jan 11, 2016 at 6:43 PM, Martin Thomson
<martin.thomson@gmail.com> wrote:
> On 12 January 2016 at 03:05, Kyle Rose <krose@krose.org> wrote:
>> How about "Clients MUST NOT use an alternative service with a host
>> that is different from the origin's without strong server
>> authentication of the alternative service declaration"?
>
> That changes the intent.  The server that is ultimately contacted
> (after all the alt-svc shenanigans) MUST be authoritative for the
> origin of the resources that it serves.
>
> Yes, we want to authenticate the alt-svc declaration, but that isn't
> actually a necessary precondition on getting what we really want: an
> authority for the resource itself.
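
The two-bullet rule from this message as a client-side check, added here as an example that is not part of the thread or the draft. It assumes "authenticate itself as the origin" means a validated certificate carrying a dNSName that covers the origin host; `Alternative`, `may_use` and all host names are hypothetical.

```python
# Added illustration; names and sample values are constructed, not from the draft.
from dataclasses import dataclass
from typing import Optional, Sequence


@dataclass(frozen=True)
class Alternative:
    host: str  # host part of the advertised alternative authority
    # dNSNames from a certificate chain the client has already validated,
    # or None when the connection offers no strong server authentication.
    cert_dns_names: Optional[Sequence[str]]


def _norm(name: str) -> str:
    return name.lower().rstrip(".")


def _name_matches(pattern: str, host: str) -> bool:
    """Match one dNSName against a host; '*' only as the whole left-most label."""
    p, h = _norm(pattern), _norm(host)
    if p == h:
        return True
    if not p.startswith("*."):
        return False
    suffix = p[2:]
    labels = h.split(".", 1)
    # The wildcard covers exactly one non-empty label and never a bare TLD.
    return (len(labels) == 2 and labels[0] != ""
            and labels[1] == suffix and "." in suffix)


def may_use(origin_host: str, alt: Alternative) -> bool:
    """Return True if the client may send the origin's requests to alt."""
    if alt.cert_dns_names is None:
        # No strong authentication: the alternative must be the origin's own host.
        return _norm(alt.host) == _norm(origin_host)
    # Strong authentication: the server has to be authoritative for the
    # origin. Proving it owns alt.host says nothing about the origin.
    return any(_name_matches(n, origin_host) for n in alt.cert_dns_names)
```

An alternative that authenticates only under its own name is rejected, which is the distinction drawn in the quoted reply between authenticating the declaration and being an authority for the resource.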