AD Review of draft-ietf-httpbis-client-cert-field-04

Francesca Palombini <francesca.palombini@ericsson.com> Mon, 06 February 2023 16:45 UTC

# AD Review of draft-ietf-httpbis-client-cert-field-04
cc @fpalombini

Thank you for this document.

No major comments from me, only one comment around a normative MUST and some nits, which you can address together with any other last call comments.

I also note that the consensus of the wg is for it to be informational, which is fine since I understand this document is meant to be the reference specification for two IANA registrations that are "specification required", but it read to me as a standards track doc. As the wg has discussed and gotten consensus around informational, I don't expect any change, just bringing it up one last time before LC since I expect there might be more comments in LC and IESG eval.

## Comments

### MUST prevent unintended use

Section 4:
> Therefore, steps MUST be taken to prevent unintended use, both in sending the header field and in relying on its value.

This might simply be a formulation problem, but when I read it I am not sure this is a MUST the reader will know how to implement.

## Nits

### Editorial nits

Section 4:
> The configuration options and request sanitization are necessarily functionally of the respective servers.

s/necessarily functionally/necessary functions ?

### Considerations considered

Funny title for Appendix B :) Where are the considerations not considered?

## Notes

This review is in the ["IETF Comments" Markdown format][ICMF]. You can use the
[`ietf-comments` tool][ICT] to automatically convert this review into
individual GitHub issues.

[ICMF]: https://github.com/mnot/ietf-comments/blob/main/format.md
[ICT]: https://github.com/mnot/ietf-comments
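The Section 4 requirement quoted in the review ("steps MUST be taken to prevent unintended use, both in sending the header field and in relying on its value") is what a reverse proxy and an origin server actually have to do with the `Client-Cert` and `Client-Cert-Chain` fields the draft defines. The following is an added illustration, not part of the review, the draft, or any implementation the draft describes. It assumes a request's headers are carried as a list of (name, value) pairs, that the proxy obtains the peer's certificate in DER form from its own TLS stack, and that the origin can identify the trusted proxy by the source address of the connection (`TRUSTED_PROXIES` is a hypothetical configuration value). The two halves show the two sides of the MUST: the proxy strips any client-supplied copies of the fields before setting its own, and the origin only relies on the field when the request arrived from a trusted proxy and the value parses as a Structured Field byte sequence.

```python
import base64
from typing import List, Optional, Sequence, Tuple

# Header field names defined by the draft.
CLIENT_CERT = "Client-Cert"
CLIENT_CERT_CHAIN = "Client-Cert-Chain"

# Hypothetical: source addresses of the trusted TLS-terminating reverse
# proxies whose Client-Cert fields the origin is willing to rely on.
TRUSTED_PROXIES = {"10.0.0.5", "10.0.0.6"}

Headers = List[Tuple[str, str]]


def sf_byte_sequence(der: bytes) -> str:
    """Encode DER bytes as a Structured Field Byte Sequence, i.e. ':base64:'."""
    return ":" + base64.b64encode(der).decode("ascii") + ":"


def proxy_sanitize_and_set(headers: Headers,
                           client_cert_der: Optional[bytes],
                           chain_der: Optional[Sequence[bytes]]) -> Headers:
    """Proxy side of the MUST ("in sending the header field").

    Any Client-Cert / Client-Cert-Chain the client itself sent is dropped
    unconditionally, so a client cannot smuggle a forged certificate past the
    proxy. The fields are then set only from the certificate the proxy's own
    TLS layer validated; with no client certificate, nothing is set.
    """
    reserved = {CLIENT_CERT.lower(), CLIENT_CERT_CHAIN.lower()}
    cleaned = [(n, v) for n, v in headers if n.lower() not in reserved]
    if client_cert_der is not None:
        cleaned.append((CLIENT_CERT, sf_byte_sequence(client_cert_der)))
        if chain_der:
            # A Structured Field list: one byte sequence per chain certificate.
            cleaned.append((CLIENT_CERT_CHAIN,
                            ", ".join(sf_byte_sequence(c) for c in chain_der)))
    return cleaned


def origin_extract_client_cert(headers: Headers, peer_ip: str) -> Optional[bytes]:
    """Origin side of the MUST ("in relying on its value").

    Returns the DER certificate only when the request arrived over a
    connection from a trusted proxy and exactly one well-formed Client-Cert
    field is present; otherwise returns None so the caller treats the request
    as unauthenticated rather than trusting a value of unknown provenance.
    """
    if peer_ip not in TRUSTED_PROXIES:
        return None
    values = [v for n, v in headers if n.lower() == CLIENT_CERT.lower()]
    if len(values) != 1:
        return None
    value = values[0].strip()
    if len(value) < 2 or not (value.startswith(":") and value.endswith(":")):
        return None
    try:
        return base64.b64decode(value[1:-1], validate=True)
    except ValueError:  # binascii.Error is a subclass of ValueError
        return None


if __name__ == "__main__":
    # Constructed sample request: the client tries to inject its own fields.
    incoming = [("Host", "app.example"),
                ("Client-Cert", ":AAAA:"),
                ("client-cert-chain", ":BBBB:")]
    forwarded = proxy_sanitize_and_set(incoming, b"\x30\x03\x02\x01\x01", [b"\x30\x00"])
    print(forwarded)
    print(origin_extract_client_cert(forwarded, "10.0.0.5"))
    print(origin_extract_client_cert(forwarded, "203.0.113.9"))
```

The address check stands in for whatever the deployment uses to distinguish the proxy's connection from everything else (a private network, mutual TLS between proxy and origin, or a dedicated listener); the essential property is that the origin never accepts the field from a path the proxy did not sanitize.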