IETF Logo Mail Archive

Re: Benjamin Kaduk's Discuss on draft-ietf-httpbis-messaging-16: (with DISCUSS and COMMENT)

Mark Nottingham <mnot@mnot.net> Thu, 17 June 2021 04:23 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 113A43A1A40 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 16 Jun 2021 21:23:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.749
X-Spam-Level:
X-Spam-Status: No, score=-2.749 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, MAILING_LIST_MULTI=-1, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=mnot.net header.b=rMzqCVGG; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=JgPWqQlu
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1VE7jOBkjEZL for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 16 Jun 2021 21:23:48 -0700 (PDT)
Received: from lyra.w3.org (lyra.w3.org [128.30.52.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 826AF3A1A3C for <httpbisa-archive-bis2Juki@lists.ietf.org>; Wed, 16 Jun 2021 21:23:47 -0700 (PDT)
Received: from lists by lyra.w3.org with local (Exim 4.92) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1ltjWI-0001y6-7i for ietf-http-wg-dist@listhub.w3.org; Thu, 17 Jun 2021 04:20:48 +0000
Resent-Date: Thu, 17 Jun 2021 04:20:46 +0000
Resent-Message-Id: <E1ltjWI-0001y6-7i@lyra.w3.org>
Received: from titan.w3.org ([128.30.52.76]) by lyra.w3.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from <mnot@mnot.net>) id 1ltjVa-0001wl-R1 for ietf-http-wg@listhub.w3.org; Thu, 17 Jun 2021 04:20:05 +0000
Received: from out1-smtp.messagingengine.com ([66.111.4.25]) by titan.w3.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from <mnot@mnot.net>) id 1ltjVU-0005NY-37 for ietf-http-wg@w3.org; Thu, 17 Jun 2021 04:20:00 +0000
Received: from compute2.internal (compute2.nyi.internal [10.202.2.42]) by mailout.nyi.internal (Postfix) with ESMTP id 10B165C0158; Thu, 17 Jun 2021 00:19:43 -0400 (EDT)
Received: from mailfrontend2 ([10.202.2.163]) by compute2.internal (MEProxy); Thu, 17 Jun 2021 00:19:43 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mnot.net; h= content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; s=fm3; bh=Q lzKc6NPAiIepZ7wiE8IX594O1zRh2wWmFvseCoEBwo=; b=rMzqCVGG+H+amGbFr jXixNhIELnKbj9cg8Gm+3eAWdeFkyZKzmtU/2mpjlUi7oG0DNmQ3zRewuwVc2Wc/ NIpGr01fO6k4uZ+NQ2qCW2HdjQL1Vr3JrEcHA4dDBGb4tPvq7Msq3PUrgVuQ4TR9 2D7ablD3+dAxqFwRkc+wR42u7SYGhx92hnGuGhWylWD67CDgkDhVS30Ps6LnayBH oFCq5haW8qBd1Qhn7Nxu0iGxwlo5H4/MPVlLXNjLbYZLe/c/Yj0RNfu+jMd9Ldig FB8J+crYIyH9WUVHfkAMZRdUYC4cTQ0ANY8cvK+HQ9DKj5TdsLbsHUcU0G3Ws/8t rEhng==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm3; bh=QlzKc6NPAiIepZ7wiE8IX594O1zRh2wWmFvseCoEB wo=; b=JgPWqQluOv0dTTWuaLQwh6JnXLTUuhIHmHuC7l8xN9Za/BbzTtyn/jpeH x2EaW8kd2RgIphRZvZjKKEFsyc3ZGHMccUr7ahbAIsBAD9l51UuNusg3LSx8tViK 8rvHF3ULNMDs6BvUp5MEwdednsixWmwlZh10UZ98bicILKvz8WX8JlNfEmSlYAU2 T4ImrBrg5lTXJeUt+BuQY9R8wzTWdz4hZMVBOUb47pPGqpmoilhvzo8H8HVPmHra 9Hdi7iWUiGzi8MYhjDTSLvB73V7YWHAh4NqiCkG9bhl+qdDtGOYmU4QN4BHj8spw stkJJ1ipd5SGdcCZLQamm6cLzUlHw==
X-ME-Sender: <xms:Xc3KYO8hUzvm3gpAn1BSFR8YJhQzI79m5Tf2FKDdPcFEPVm4GTNK3g> <xme:Xc3KYOtILMXsDsxZFtpVnZkugMJZ04Rn7EdcKspMfBlFU0pXQ7a9MSTfnLAmNC_Ux ZFVfgScOHjH2M82jg>
X-ME-Received: <xmr:Xc3KYECGYrdPQt_rgBD5VBiF2_EAu-RvIFUHxhNoM4cHIFQVI9TPUzhYj-yYHJS_H51U4ty3rCIW--6Aeq4xW2GF-9bC-WwhXhO460PSGZalVvQwO610WzTB>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduledrfeeftddgjeejucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurheptggguffhjgffgffkfhfvofesthhqmhdthhdtjeenucfhrhhomhepofgrrhhk ucfpohhtthhinhhghhgrmhcuoehmnhhothesmhhnohhtrdhnvghtqeenucggtffrrghtth gvrhhnpedugffhkeeltddtieetvdeltdfgudeiuedtkeejteevffeiueffgfevtdfhjedt udenucffohhmrghinhephhhtthhpfihgrdhorhhgpdhhthhtphefrdhofhhfpdhmnhhoth drnhgvthenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhm pehmnhhothesmhhnohhtrdhnvght
X-ME-Proxy: <xmx:Xc3KYGcVdCGaSbFNcqkKM3PoAH29KkvBtRYI9plACcNznxbFWFaD6g> <xmx:Xc3KYDNr39K_VidyBxb6QAlHWQArnjC0gFh1n8SBPSdfoxaDM1nFOA> <xmx:Xc3KYAkTWxEgmH03cC0ytG_xR6wIt_ElWueyNvSj91QJSvBjSRxPsw> <xmx:X83KYMh-v2HXhTF_oLkrOeQSQJruJyAHZJy2Of-Fc5pDJ5fVfLELMg>
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Thu, 17 Jun 2021 00:19:39 -0400 (EDT)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.100.0.2.22\))
From: Mark Nottingham <mnot@mnot.net>
In-Reply-To: <20210617031531.GU11634@kduck.mit.edu>
Date: Thu, 17 Jun 2021 14:19:36 +1000
Cc: Martin Thomson <mt@lowentropy.net>, The IESG <iesg@ietf.org>, draft-ietf-httpbis-messaging@ietf.org, httpbis-chairs@ietf.org, ietf-http-wg@w3.org, tpauly@apple.com
Content-Transfer-Encoding: quoted-printable
Message-Id: <812453F4-E080-442B-9E2D-7C8FE5374639@mnot.net>
References: <162389376384.2031.14383558836768559852@ietfa.amsl.com> <83B4B04D-0B2B-4A79-B178-28F08467847C@mnot.net> <20210617031531.GU11634@kduck.mit.edu>
To: Benjamin Kaduk <kaduk@mit.edu>
X-Mailer: Apple Mail (2.3654.100.0.2.22)
Received-SPF: pass client-ip=66.111.4.25; envelope-from=mnot@mnot.net; helo=out1-smtp.messagingengine.com
X-W3C-Hub-DKIM-Status: validation passed: (address=mnot@mnot.net domain=mnot.net), signature is good
X-W3C-Hub-DKIM-Status: validation passed: (address=mnot@mnot.net domain=messagingengine.com), signature is good
X-W3C-Hub-Spam-Status: No, score=-9.8
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_DB=-1, W3C_IRA=-1, W3C_IRR=-3, W3C_WL=-1
X-W3C-Scan-Sig: titan.w3.org 1ltjVU-0005NY-37 65fbb7ba2fd6883f7944362d4879806c
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Benjamin Kaduk's Discuss on draft-ietf-httpbis-messaging-16: (with DISCUSS and COMMENT)
Archived-At: <https://www.w3.org/mid/812453F4-E080-442B-9E2D-7C8FE5374639@mnot.net>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/38908
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

> On 17 Jun 2021, at 1:15 pm, Benjamin Kaduk <kaduk@mit.edu> wrote:
> 
> I guess there's two parts, here: "take the scheme from the request-target"
> seems to fall pretty clearly from §3.3's "the target URI is the
> request-target".  Getting from that to "engage processing for the https
> origin" is something more of a leap, and I confess that I was just relying
> on the intuition I developed over the couple days I spent enjoying
> -semantics earlier in the week and did not go digging for specific
> references in -semantics to support that statement.  The origin triple for
> a URI derives from the scheme (looking now, that's §4.3.1 of -semantics),
> and so my intuition was presumably trying to extend that to how the
> namespace is per origin and accordingly the resource representation that
> would be returned in response to the request in question.  I don't know if
> there are other places in -semantics that give more specifics on how or
> whether the target URI affects the origin/namespace that the origin server
> uses to service the request.

There *should* be as clear and consistent difference between the request-target (the on-the-wire component in HTTP/1.1) and the target uri / target resource, which is the version-independent concept in semantics. All of the requirements for things like this should be pointed at target [uri, resource], not the request-target.

If that's not the case somewhere, or we could make that more clear, a pointer or a suggestion would be welcome.

Martin commented:

> I think that this question doesn't really read on -messaging, but more 
> on -semantics.  However, I am not seeing any requirement on the server 
> to ensure that the response it generates is secured.
> 
> s 4.2.2 of semantics -- 
> https://httpwg.org/http-core/draft-ietf-httpbis-semantics-latest.html#https.uri
> 
>> A client MUST ensure that its HTTP requests for an "https" resource are secured, prior to being communicated, and that it only accepts secured responses to those requests. Note that the definition of what cryptographic mechanisms are acceptable to client and server are usually negotiated and can change over time.
> 
> No similar requirement is made of the server.  It would be trivial to 
> impose a similar requirement on servers in that same paragraph.

I don't think that helps, at least in the case of HTTP/1.1. There, the server is responsible for setting the correct scheme for the target URI when a request is received; the security properties of the request and response follow from that. Effectively, it's not under attacker control.

However, I don't see any equivalent mechanism regarding :scheme in http/2 bis  or http/3. Off the cuff, I tend to think that security considerations about this probably belong on both of those specs.

Cheers,

--
Mark Nottingham   https://www.mnot.net/

v2.23.0 | Report a Bug | By Email