Re: ID for Immutable
Alex Rousskov <rousskov@measurement-factory.com> Fri, 28 October 2016 18:17 UTC
Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B1A1712941C for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Fri, 28 Oct 2016 11:17:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.352
X-Spam-Level:
X-Spam-Status: No, score=-7.352 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.431, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IWLZX1keih1w for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Fri, 28 Oct 2016 11:17:31 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A2B13129593 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Fri, 28 Oct 2016 11:17:31 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.80) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1c0Beu-0003Az-Fm for ietf-http-wg-dist@listhub.w3.org; Fri, 28 Oct 2016 18:13:40 +0000
Resent-Date: Fri, 28 Oct 2016 18:13:40 +0000
Resent-Message-Id: <E1c0Beu-0003Az-Fm@frink.w3.org>
Received: from mimas.w3.org ([128.30.52.79]) by frink.w3.org with esmtps (TLS1.2:RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <rousskov@measurement-factory.com>) id 1c0Bep-00039T-Ps for ietf-http-wg@listhub.w3.org; Fri, 28 Oct 2016 18:13:35 +0000
Received: from mail.measurement-factory.com ([104.237.131.42]) by mimas.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from <rousskov@measurement-factory.com>) id 1c0Bej-0003ax-Ur for ietf-http-wg@w3.org; Fri, 28 Oct 2016 18:13:30 +0000
Received: from [65.102.233.169] (unknown [65.102.233.169]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.measurement-factory.com (Postfix) with ESMTPSA id 76C2AE057; Fri, 28 Oct 2016 18:13:07 +0000 (UTC)
To: Patrick McManus <pmcmanus@mozilla.com>
References: <CAOdDvNqam930_0eA1p3yHW+xDdOm0AAMKvVKe6xwNwm1itpRpQ@mail.gmail.com> <f9f0e413-1fbb-1faa-833b-5dc7d7ea1fdc@measurement-factory.com> <CAOdDvNqTabR3zpRgjJVkBPdBVcOboCbG=5b6x+mKauwB1-w=Pw@mail.gmail.com>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
From: Alex Rousskov <rousskov@measurement-factory.com>
Message-ID: <e62c65c8-6366-5b76-491b-47cba7cbbd6b@measurement-factory.com>
Date: Fri, 28 Oct 2016 12:12:55 -0600
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:45.0) Gecko/20100101 Thunderbird/45.3.0
MIME-Version: 1.0
In-Reply-To: <CAOdDvNqTabR3zpRgjJVkBPdBVcOboCbG=5b6x+mKauwB1-w=Pw@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Received-SPF: pass client-ip=104.237.131.42; envelope-from=rousskov@measurement-factory.com; helo=mail.measurement-factory.com
X-W3C-Hub-Spam-Status: No, score=-6.0
X-W3C-Hub-Spam-Report: AWL=-0.632, BAYES_00=-1.9, RP_MATCHES_RCVD=-1.418, SPF_PASS=-0.001, W3C_AA=-1, W3C_WL=-1
X-W3C-Scan-Sig: mimas.w3.org 1c0Bej-0003ax-Ur 00988571d2ce166889f3fed22686147c
X-Original-To: ietf-http-wg@w3.org
Subject: Re: ID for Immutable
Archived-At: <http://www.w3.org/mid/e62c65c8-6366-5b76-491b-47cba7cbbd6b@measurement-factory.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/32715
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
On 10/28/2016 11:21 AM, Patrick McManus wrote: > I do believe the lack of integrity protection in plaintext transfer is > an important security consideration for immutable that suggests they > should not be used together. I'm open to other wording on it for sure.. > https:// might be sufficient here. Sounds good. A more general "SHOULD ignore immutable for resources received without integrity protection" wording would allow proxies to legally honor the immutable setting in most cases (after breaking a hundred MUSTs to get to it inside https, naturally). Thank you, Alex. > On Fri, Oct 28, 2016 at 12:50 PM, Alex Rousskov wrote: > > On 10/26/2016 03:02 PM, Patrick McManus wrote: > > > o Clients should ignore immutable for resources that are not > part of > > a secure context [SECURECONTEXTS]. > > Please think of the children^H^H^H^H proxies. AFAICT, "secure contexts" > are currently a user agent concept. If the above "should" is meant to be > a "SHOULD", then the draft automatically disqualifies most proxies from > legally utilizing this promising "ignore reload" mechanism. > > > Thank you, > > Alex. > >
- ID for Immutable Patrick McManus
- Re: ID for Immutable Amos Jeffries
- RE: ID for Immutable Mike Bishop
- Re: ID for Immutable Pete Wildsmith
- Re: ID for Immutable Ben Maurer
- Re: ID for Immutable Patrick McManus
- Re: ID for Immutable Patrick McManus
- Re: ID for Immutable Amos Jeffries
- Re: ID for Immutable Patrick McManus
- Re: ID for Immutable Amos Jeffries
- Re: ID for Immutable Kari Hurtta
- Re: ID for Immutable Patrick McManus
- Re: ID for Immutable Patrick McManus
- Re: ID for Immutable Kari Hurtta
- Re: ID for Immutable Kari Hurtta
- Re: ID for Immutable Alex Rousskov
- Re: ID for Immutable Alex Rousskov
- Re: ID for Immutable Patrick McManus
- Re: ID for Immutable Alex Rousskov
- Re: ID for Immutable Kari Hurtta
- Re: ID for Immutable Kari Hurtta
- Re: ID for Immutable Kari Hurtta
- Re: ID for Immutable Martin Thomson
- Re: ID for Immutable Patrick McManus
- Re: ID for Immutable Patrick McManus
- Re: ID for Immutable Patrick McManus
- Re: ID for Immutable Amos Jeffries
- Re: ID for Immutable Amos Jeffries
- Re: ID for Immutable Leif Hedstrom
- Re: ID for Immutable Amos Jeffries