Re: signatures vs sf-date

Justin Richer <jricher@mit.edu> Fri, 02 December 2022 14:26 UTC

From: Justin Richer <jricher@mit.edu>
To: Julian Reschke <julian.reschke@gmx.de>
CC: HTTP Working Group <ietf-http-wg@w3.org>
Date: Fri, 02 Dec 2022 14:25:32 +0000
Archived-At: <https://www.w3.org/mid/04A5CE20-A291-4FA4-A330-FB1090697EA1@mit.edu>

On Dec 1, 2022, at 12:16 PM, Julian Reschke <julian.reschke@gmx.de> wrote:
> 
> Hi there.
> 
> Currently the signatures draft relies on structured fields as defined in
> RFC 8941 - that is, without the date type we are currently working on.
> 
> We need to make a few decisions here:
> 
> 1) Should signatures *use* the date type in the field(s) it defines
> ("created" TS)?

It could, but I don’t think it’s worth delaying signatures over. There are two timestamp fields (created and expires) with clear semantics; I don’t see a huge value to waiting. I’d like to hear feedback from implementors about how this would affect their code — I know from my part that I rely on structured field libraries (notably yours on the Java side) that would need to be updated for the new format first.

> 
> 2) When signing parts of a SF shaped field, should it support RFC
> 8941bis in some way?

That should “just work”. If you’re doing SF fields using the SF-bit or anything else that uses strict serialization rules, and your system needs and supports the SFbis definitions, then it should just work. Otherwise if someone sends you something that you can’t parse, well, then you need to figure out how to parse it, right?

I don’t think there’s any change that needs to be made for that. If SFbis gets out the door first (or even has an RFC number first), we can change the reference and call it a day. Or a @DATE. :)

 — Justin
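
The parsing dependency discussed in this message, as an added example that is not part of the original email or of the signatures draft: a field signed with strict structured-field serialization is parsed and re-serialized before it enters the signature base, so a verifier whose parser only knows RFC 8941 cannot rebuild the base for a Date-valued field. Assumptions: the field names and values are constructed, the `"name";sf: value` line layout follows the draft's strict-serialization component form, and the parser covers only bare Integer and Date items without parameters.

```python
import re

# Subset of Structured Fields: a bare Integer or Date item, no parameters.
_INT = re.compile(r"-?[0-9]{1,15}")


class SFParseError(ValueError):
    """The field value cannot be parsed under the selected grammar."""


def parse_item(raw, allow_date):
    """Return (kind, value) where kind is "integer" or "date"."""
    s = raw.strip(" ")  # SF parsing discards leading and trailing SP
    kind = "integer"
    if s.startswith("@"):
        if not allow_date:  # RFC 8941 defines no Date type
            raise SFParseError("'@' does not start any RFC 8941 item")
        kind, s = "date", s[1:]
    if not _INT.fullmatch(s):
        raise SFParseError("unsupported or malformed item: %r" % raw)
    return kind, int(s)


def serialize_item(kind, value):
    """Canonical form: no padding, no leading zeros, '@' prefix for dates."""
    return ("@" if kind == "date" else "") + str(value)


def sf_base_line(name, raw, allow_date):
    """Signature base line for a field covered with the sf flag."""
    kind, value = parse_item(raw, allow_date)
    return '"%s";sf: %s' % (name.lower(), serialize_item(kind, value))


def can_rebuild(name, raw, allow_date):
    """True if this parser can produce the base line the signer produced."""
    try:
        sf_base_line(name, raw, allow_date)
        return True
    except SFParseError:
        return False


if __name__ == "__main__":
    # Constructed sample values.
    print(sf_base_line("X-Count", "  007 ", allow_date=False))
    print(sf_base_line("X-Issued", "@1659578233", allow_date=True))
    print(can_rebuild("X-Issued", "@1659578233", allow_date=False))
```

A verifier that fails in `can_rebuild` has to reject the signature rather than fall back to signing the raw bytes, since the signer's base line was built from the re-serialized value.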