Re: Encryption content coding simplification
"Poul-Henning Kamp" <phk@phk.freebsd.dk> Thu, 04 August 2016 10:16 UTC
Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BBAC312D9F3 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 4 Aug 2016 03:16:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.208
X-Spam-Level:
X-Spam-Status: No, score=-8.208 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-1.287, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MN8Pzw86nKD5 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 4 Aug 2016 03:16:49 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 85E3E12D9FA for <httpbisa-archive-bis2Juki@lists.ietf.org>; Thu, 4 Aug 2016 03:16:42 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.80) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1bVFdo-0004jX-GU for ietf-http-wg-dist@listhub.w3.org; Thu, 04 Aug 2016 10:12:40 +0000
Resent-Date: Thu, 04 Aug 2016 10:12:40 +0000
Resent-Message-Id: <E1bVFdo-0004jX-GU@frink.w3.org>
Received: from maggie.w3.org ([128.30.52.39]) by frink.w3.org with esmtps (TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <phk@phk.freebsd.dk>) id 1bVFdg-0004ih-VL for ietf-http-wg@listhub.w3.org; Thu, 04 Aug 2016 10:12:32 +0000
Received: from phk.freebsd.dk ([130.225.244.222]) by maggie.w3.org with esmtp (Exim 4.80) (envelope-from <phk@phk.freebsd.dk>) id 1bVFde-0005rT-94 for ietf-http-wg@w3.org; Thu, 04 Aug 2016 10:12:31 +0000
Received: from critter.freebsd.dk (unknown [192.168.55.3]) by phk.freebsd.dk (Postfix) with ESMTP id 43C8E273D6; Thu, 4 Aug 2016 10:09:55 +0000 (UTC)
Received: from critter.freebsd.dk (localhost [127.0.0.1]) by critter.freebsd.dk (8.15.2/8.15.2) with ESMTP id u74A9r1O066483; Thu, 4 Aug 2016 10:09:53 GMT (envelope-from phk@phk.freebsd.dk)
To: Martin Thomson <martin.thomson@gmail.com>
cc: HTTP Working Group <ietf-http-wg@w3.org>
In-reply-to: <CABkgnnXCMFRthQRCgvSXVjaMwE8BPTdfUYZHCa2tEwhDQ3RUpA@mail.gmail.com>
From: Poul-Henning Kamp <phk@phk.freebsd.dk>
References: <CABkgnnXCMFRthQRCgvSXVjaMwE8BPTdfUYZHCa2tEwhDQ3RUpA@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <66481.1470305393.1@critter.freebsd.dk>
Content-Transfer-Encoding: quoted-printable
Date: Thu, 04 Aug 2016 10:09:53 +0000
Message-ID: <66482.1470305393@critter.freebsd.dk>
Received-SPF: none client-ip=130.225.244.222; envelope-from=phk@phk.freebsd.dk; helo=phk.freebsd.dk
X-W3C-Hub-Spam-Status: No, score=-6.0
X-W3C-Hub-Spam-Report: AWL=-0.825, BAYES_00=-1.9, RP_MATCHES_RCVD=-1.245, W3C_AA=-1, W3C_WL=-1
X-W3C-Scan-Sig: maggie.w3.org 1bVFde-0005rT-94 71b5693cceeea8ee72d3d07517102d1a
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Encryption content coding simplification
Archived-At: <http://www.w3.org/mid/66482.1470305393@critter.freebsd.dk>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/32185
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
-------- In message <CABkgnnXCMFRthQRCgvSXVjaMwE8BPTdfUYZHCa2tEwhDQ3RUpA@mail.gmail.com>, Martin Thomson writes: >Based on the review from ekr and the discussion at the last meeting, >I've put together a pull request on the encrypted content coding spec >that proposes to remove a bunch of the complexity from the spec. I >think that it's a lot simpler: > >https://github.com/httpwg/http-extensions/pull/218 It certainly is. But relative to the discussion about how many specialized parsers we have forced people to write, this draft seems to add yet another for the new headers. I think we should try to, and easily can avoid that. Content-Encoding: aesgcm, aesgcm Encryption: keyid="mailto:me@example.com"; salt="NfzOeuV5USPRA-n_9s1Lag", keyid="bob/keys/123"; salt="bDMSGoc2uobK_IhavSHsHA"; rs=1200 Keyid, salt and rs are parameters to the Content-Encoding, so in a perfect world, we would send this as: Content-Encoding: aesgcm;keyid="mailto:me@example.com"; salt="NfzOeuV5USPRA-n_9s1Lag", aesgcm;keyid="bob/keys/123"; salt="bDMSGoc2uobK_IhavSHsHA"; rs=1200 That is a non-trivial extension of RFC7231's "content-coding", which may or may not cause existing implementations to needlessly reject these transactions. I suggest we run a few tests to see what happens in the real world. If extending C-E is impractical, we should put the Encryption header on "common structure" form, by having it reference its corresponding token from the C-E header explicitly: Content-Encoding: aesgcm, aesgcm Encryption: aesgcm;keyid="mailto:me@example.com"; salt="NfzOeuV5USPRA-n_9s1Lag", aesgcm;keyid="bob/keys/123"; salt="bDMSGoc2uobK_IhavSHsHA"; rs=1200 That has the added advantage of being a clean extension point past aesgcm down the road: Content-Encoding: aesgcm, caesar Encryption: aesgcm;keyid="mailto:me@example.com"; salt="NfzOeuV5USPRA-n_9s1Lag", caesar;shift=52 But if we've come all this way, we might as well generalize "Encryption" to a "CE-params", that can carry parameters for any C-E: Content-Encoding: aesgcm, caesar, supercompress CE-params: aesgcm;keyid="mailto:me@example.com"; salt="NfzOeuV5USPRA-n_9s1Lag", caesar;shift=5, supercompress;dictionary=11 With this approach the new Crypto-Key header surplus to requirements: The key is simply another parameter, and we avoid having to match the key-id from two different headers with each other, and all the corner-cases that brings: Content-Encoding: aesgcm, caesar, supercompress CE-params: aesgcm;key="csPJEXBYA5U-Tal9EdJi-w"; salt="NfzOeuV5USPRA-n_9s1Lag", caesar;shift=5, supercompress;dictionary=11 And finally, we want a "binary blob" type in the common structure, the two we have here would be marked as such, for instance with the "\#" I proposed in my strawman: Content-Encoding: aesgcm, caesar, supercompress CE-params: aesgcm;key="\#csPJEXBYA5U-Tal9EdJi-w"; salt="\#NfzOeuV5USPRA-n_9s1Lag", caesar;shift=5, supercompress;dictionary=11 Please ? -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.
- Re: Encryption content coding simplification Poul-Henning Kamp
- Encryption content coding simplification Martin Thomson
- Re: Encryption content coding simplification Martin Thomson
- WGLC comment on draft-ietf-httpbis-encryption-enc… Julian Reschke
- Re: WGLC comment on draft-ietf-httpbis-encryption… Poul-Henning Kamp
- RE: WGLC comment on draft-ietf-httpbis-encryption… Mike Bishop
- Re: WGLC comment on draft-ietf-httpbis-encryption… Julian Reschke
- Re: WGLC comment on draft-ietf-httpbis-encryption… Martin Thomson
- Re: WGLC comment on draft-ietf-httpbis-encryption… Julian Reschke
- Re: WGLC comment on draft-ietf-httpbis-encryption… Kari Hurtta
- Re: WGLC comment on draft-ietf-httpbis-encryption… Martin Thomson