Re: #148: Reasonable Assurances and H2C

Mark Nottingham <mnot@mnot.net> Fri, 26 February 2016 01:02 UTC

From: Mark Nottingham <mnot@mnot.net>
In-Reply-To: <CABkgnnWAbKY8RZ5gvjPan3M_-XpjFSau0yDN97H=CfLb0DNL2g@mail.gmail.com>
Date: Fri, 26 Feb 2016 11:56:03 +1100
Cc: HTTP WG <ietf-http-wg@w3.org>
Message-Id: <2DDC5527-43AC-4BD2-8ED9-F68D747A7E0C@mnot.net>
To: Martin Thomson <martin.thomson@gmail.com>, Kari Hurtta <hurtta-ietf@elmme-mailer.org>
Archived-At: <http://www.w3.org/mid/2DDC5527-43AC-4BD2-8ED9-F68D747A7E0C@mnot.net>

I've taken a stab at this:
  https://github.com/httpwg/http-extensions/commit/f1024d233157e

Please review.

Cheers,


> On 20 Feb 2016, at 1:44 PM, Martin Thomson <martin.thomson@gmail.com> wrote:
> 
> On 19 February 2016 at 18:40, Mark Nottingham <mnot@mnot.net> wrote:
>> "For the purposes of this document, "reasonable assurances" can be established through use of a TLS-based protocol with the certificate checks defined in RFC2818. Other means of establishing them MUST be documented in an RFC that updates this specification. Clients MAY impose additional criteria for establishing reasonable assurances."
> 
> That looks good.  I don't think that it helps to note that in practice
> "MAY" becomes "will".
> 

--
Mark Nottingham   https://www.mnot.net/
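
The "certificate checks defined in RFC2818" that the quoted text relies on, shown as an added example that is not part of the original message or of the referenced commit: the server-identity rules of RFC 2818 section 3.1 in Python. It assumes the certificate chain has already been validated by the TLS library and that the certificate is in the dict layout returned by ssl.SSLSocket.getpeercert(); the function names and the sample certificates are constructed for illustration.

```python
import ipaddress

def dns_match(pattern: str, host: str) -> bool:
    """RFC 2818 3.1: '*' matches one name component or a fragment of one."""
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = host.lower().rstrip(".").split(".")
    if len(p_labels) != len(h_labels):
        return False  # '*' never spans a dot: *.a.com does not match bar.foo.a.com
    for p, h in zip(p_labels, h_labels):
        if "*" not in p:
            if p != h:
                return False
            continue
        if p.count("*") > 1 or not h:
            return False
        head, tail = p.split("*")
        if len(h) < len(head) + len(tail):
            return False
        if not (h.startswith(head) and h.endswith(tail)):
            return False
    return True

def rfc2818_identity_ok(cert: dict, uri_host: str) -> bool:
    """Check the host taken from the URI against the presented certificate."""
    san = cert.get("subjectAltName", ())
    try:
        ip = ipaddress.ip_address(uri_host)
    except ValueError:
        ip = None
    if ip is not None:
        # An IP-literal host must match an iPAddress SAN exactly.
        return any(k == "IP Address" and ipaddress.ip_address(v) == ip
                   for k, v in san)
    dns_names = [v for k, v in san if k == "DNS"]
    if dns_names:
        # When a dNSName SAN is present it is the only identity consulted.
        return any(dns_match(n, uri_host) for n in dns_names)
    # Otherwise fall back to the (most specific) Common Name of the subject.
    cns = [v for rdn in cert.get("subject", ()) for k, v in rdn
           if k == "commonName"]
    return bool(cns) and dns_match(cns[-1], uri_host)

# Constructed sample certificates (not captured from any real server).
SAN_CERT = {"subject": ((("commonName", "legacy.example"),),),
            "subjectAltName": (("DNS", "*.a.example"), ("DNS", "f*.example"),
                               ("IP Address", "192.0.2.7"))}
CN_ONLY_CERT = {"subject": ((("commonName", "www.example.org"),),)}
```

A cleartext connection presents no certificate at all, so none of these checks can run for it.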