Re: [Moderator Action] Kathleen Moriarty's Discuss on draft-ietf-httpbis-tunnel-protocol-04: (with DISCUSS and COMMENT)
Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Wed, 10 June 2015 08:06 UTC
To: Martin Thomson <martin.thomson@gmail.com>
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Date: Wed, 10 Jun 2015 02:26:11 +0000
Cc: The IESG <iesg@ietf.org>, httpbis-chairs@ietf.org, Mark Nottingham <mnot@mnot.net>, draft-ietf-httpbis-tunnel-protocol.shepherd@ietf.org, draft-ietf-httpbis-tunnel-protocol.ad@ietf.org, draft-ietf-httpbis-tunnel-protocol@ietf.org, HTTP Working Group <ietf-http-wg@w3.org>

Hi Martin,

On Tue, Jun 9, 2015 at 6:26 PM, Martin Thomson <martin.thomson@gmail.com> wrote:

> Hi Kathleen,
>
> I've responded separately to the secdir review. There was a lot of
> overlap between that and Stephen's review.

Yes, thank you for your response. I'm sorry you didn't see my No Objection before responding to this as I did see the discussion and the responses shortly after issuing the discuss and changed it.

Thanks for your work on this draft.

Kathleen

> On 9 June 2015 at 13:59, Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com> wrote:
> > It seems to me that authentication relies on TLS. Maybe stating this
> > explicitly would address the concern? Is there a reason this should be
> > in the ALPN header (I'm not sure of that, just asking)?
>
> We're not actually authenticating this stuff. As I noted in my other
> response, this is a promise that the client makes and one that the
> proxy cannot enforce (because, TLS).
>
> So the real uses for this header field are: prioritization (move
> connections from slow and fat pipes to fast and thin pipes, maybe), or
> early and cleaner denial. The latter allows the proxy to quickly
> generate an HTTP status code without having to do DPI or whatever
> other eldritch horrors they currently are forced to do to recognize
> and deny things they don't want.
>
> The WebRTC case is interesting, because you can actually have some
> assurance about the trustworthiness of the header field. If you trust
> the browsers, that is (though I'm not advocating that, browser people
> are the most untrustworthy).

--
Best regards,
Kathleen