Re: Working Group Last Call: The Concealed HTTP Authentication Scheme

David Schinazi <dschinazi.ietf@gmail.com> Wed, 12 June 2024 22:14 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=ietf.org@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BA8B7C14F702 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 12 Jun 2024 15:14:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.857
X-Spam-Level:
X-Spam-Status: No, score=-2.857 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=w3.org header.b="PoUFIdrN"; dkim=pass (2048-bit key) header.d=w3.org header.b="Vgyh4wrR"; dkim=pass (2048-bit key) header.d=gmail.com header.b="kSJbHkGi"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iBmwRw5wgVYB for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 12 Jun 2024 15:14:44 -0700 (PDT)
Received: from mab.w3.org (mab.w3.org [IPv6:2600:1f18:7d7a:2700:d091:4b25:8566:8113]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 81196C14F5F5 for <httpbisa-archive-bis2Juki@ietf.org>; Wed, 12 Jun 2024 15:14:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=w3.org; s=s1; h=Subject:Content-Type:Cc:To:Message-ID:Date:From:In-Reply-To: References:MIME-Version:Reply-To; bh=+NOpk/6oaZQFcDrzUy/PdZ6UUEouzbdXYUDCoFdybGc=; b=PoUFIdrNXiqgE/5gNz+9CnyyNT rnke2lFv18eMDL8fOE2JgNd8jfqBZDc4HOiU88iAoVrov30137m99QwLjBZWndVJty6vupaLdF8/z Jqun1mXahElRl2Yu1J4hiL791U8pAWL7XqogWgwYATFyY9vnricCpYw9EiX+Mg4loeiSiT4VctxfM /cQNXxFypQQbAPQiMmqv9pKfB8Vy0+/tyq718avhJFp5OtEnVjtHH1TgxMpZ08YPGrtLGdsznOyOs 32pgbIn1xvceDJGy3bTDbaGJdF67HvPkBdxz625mDHXYAfLYctCsoLSuFTgEwXu1+HYK/9ud21yeF k8KiNr3Q==;
Received: from lists by mab.w3.org with local (Exim 4.96) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1sHWE0-000TsW-1X for ietf-http-wg-dist@listhub.w3.org; Wed, 12 Jun 2024 22:13:48 +0000
Resent-Date: Wed, 12 Jun 2024 22:13:48 +0000
Resent-Message-Id: <E1sHWE0-000TsW-1X@mab.w3.org>
Received: from ip-10-0-0-224.ec2.internal ([10.0.0.224] helo=puck.w3.org) by mab.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from <dschinazi.ietf@gmail.com>) id 1sHWDz-000Tqb-03 for ietf-http-wg@listhub.w3.internal; Wed, 12 Jun 2024 22:13:47 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=w3.org; s=s1; h=Content-Type:Cc:To:Subject:Message-ID:Date:From:In-Reply-To: References:MIME-Version:Reply-To; bh=+NOpk/6oaZQFcDrzUy/PdZ6UUEouzbdXYUDCoFdybGc=; t=1718230427; x=1719094427; b=Vgyh4wrRcNt25GH2ONFat3YD7kz4QTn+pd8tNm8O6eS3oC3VMMBX0Re1AqRhxorYJJBYSiEgpdB WDN5SMefIjq9+3GlPvcTiq5kOflWNZ6ax2g0k/6hqVg1FHgEoc5J/kfKqrFEFOoZFMP6/ljZzRTIh TlSYsz53/m5oQfTG3t2M64Q34bMk0QKO+dh5PO9JQuoIDfaDTl3l+ocFCHw+/7v35Yz8BHF/3nADy yDaJy3snCGja274eB4dxQqr8NF2c706WEMP1v2Ccau/hndmKD3KhlvQkJrz4gbx3wLpeNNscXbIUw mCqzMA1NZgjj8A+radiO1vI833TAhDTg4uKg==;
Received-SPF: pass (puck.w3.org: domain of gmail.com designates 2a00:1450:4864:20::62b as permitted sender) client-ip=2a00:1450:4864:20::62b; envelope-from=dschinazi.ietf@gmail.com; helo=mail-ej1-x62b.google.com;
Received: from mail-ej1-x62b.google.com ([2a00:1450:4864:20::62b]) by puck.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.96) (envelope-from <dschinazi.ietf@gmail.com>) id 1sHWDy-006y1j-0z for ietf-http-wg@w3.org; Wed, 12 Jun 2024 22:13:46 +0000
Received: by mail-ej1-x62b.google.com with SMTP id a640c23a62f3a-a6e43dad8ecso64003466b.1 for <ietf-http-wg@w3.org>; Wed, 12 Jun 2024 15:13:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1718230422; x=1718835222; darn=w3.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=+NOpk/6oaZQFcDrzUy/PdZ6UUEouzbdXYUDCoFdybGc=; b=kSJbHkGiaOq1yAw0iIhG5YZ+dvnhSBo28+P68Kj6pwHcXIGStw587qHEAsqVtjJzVO 7U1R6Fh+k6QRwURQtoJ2WnUQEzNdSFg4yrcRSKi22FvPrmMSUuBsR6PrVMgzHhnGgIa3 B15LaBa6Ek/28BwshRAiRWQEb/ar1Ukd6VckEtltsd3tij+wspmFBEIIviAlHVndK3o4 bkg5KXiO7P5gwt3D87fblOENddXALM49Fi8U1LzIrQ+r8qVl6KO7SoCsKa0uVjfc8CKU U+/aGcyARiVfkPOW0fK5Blrk+1adTNpht5HmfwB/Kd7jn89gWjB1HsvseuF/B22F4/iw wwVQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1718230422; x=1718835222; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=+NOpk/6oaZQFcDrzUy/PdZ6UUEouzbdXYUDCoFdybGc=; b=Bs64E2mx4dDMT7CvptCdr0JcuPGsVDtjC2p/cLRNIyTdmm99J+8gKJG6ZWyuMYsp1Q FG0JMA93DTPo1PY2jrhaBIIF1eYlaOO7/Xnoq6t4jIAQ6gmuL7HV2HuObkvV+kcKoTjQ I+Wrlym03TLcl9DBgICOHqIcJrFFoivRwjIA32t/N8nRyG6AnxnjaTLc2qDzVJVji91z B+hDzLytiot7EGznYuHiWphQxEaFsXV7R/7tHOtQznQw3lyv6g41GTYiYe2hM5T5sIK7 44gMcpBqnN64wnclBHbIlowVfgG70Ngm1wa8XNbyzLslawGJXaRtLbutmb38RHJYtTKp 4yeA==
X-Forwarded-Encrypted: i=1; AJvYcCVLRho1gpugJ0LZqn2BJ+G6g4HAAYAOuFOF6sMAclz49mS+vf/ARih/0jr2dMIdYMnYe7rmBwVD724omV4C8VoevleY
X-Gm-Message-State: AOJu0YwPmqAHdVtdsWWc0qRKdeHluYzUwxciyrZsu6QYu37nrHLTEmbV iYid5nj8MIItEhjp1PB7X4BHWgK2CCLxrrFHdYotv7OXhHw07IEdU/VpeR+rFIJCk+JVGQvgMdq y8qiYet3o/1RKZ1FbqlMPbCQyN8o=
X-Google-Smtp-Source: AGHT+IGjnT9PLyfJI2hYoINq64qpMdtz5u2v+8FbSGhOHShoAFKhgmoi6shkA3HTr89cecB5bmWns05wXlsx7sN6ipI=
X-Received: by 2002:a17:906:ece3:b0:a6f:4392:9ace with SMTP id a640c23a62f3a-a6f5241b1bdmr59995266b.18.1718230422101; Wed, 12 Jun 2024 15:13:42 -0700 (PDT)
MIME-Version: 1.0
References: <4270C5C8-23AA-456C-8AB4-A8B23E83224C@mnot.net> <PH0PR22MB3102545B08A70BF74933F240DAC02@PH0PR22MB3102.namprd22.prod.outlook.com>
In-Reply-To: <PH0PR22MB3102545B08A70BF74933F240DAC02@PH0PR22MB3102.namprd22.prod.outlook.com>
From: David Schinazi <dschinazi.ietf@gmail.com>
Date: Wed, 12 Jun 2024 15:13:31 -0700
Message-ID: <CAPDSy+6wtFnwb8JL5ROf8NMwqvBbrTM159-Tm-ySq5H4wM67aA@mail.gmail.com>
To: Mike Bishop <mbishop@evequefou.be>
Cc: Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>, Tommy Pauly <tpauly@apple.com>
Content-Type: multipart/alternative; boundary="000000000000f3a8e3061ab8b122"
X-W3C-Hub-DKIM-Status: validation passed: (address=dschinazi.ietf@gmail.com domain=gmail.com), signature is good
X-W3C-Hub-Spam-Status: No, score=-6.1
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, DMARC_PASS=-0.001, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, W3C_AA=-1, W3C_DB=-1, W3C_IRA=-1, W3C_WL=-1
X-W3C-Scan-Sig: puck.w3.org 1sHWDy-006y1j-0z 7751892e489e7b85753c273af1bff7e6
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Working Group Last Call: The Concealed HTTP Authentication Scheme
Archived-At: <https://www.w3.org/mid/CAPDSy+6wtFnwb8JL5ROf8NMwqvBbrTM159-Tm-ySq5H4wM67aA@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/51998
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/email/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

Thanks Mike. I've merged your editorial PR and written three mostly
editorial PRs to address the issues you filed.
David

On Wed, Jun 12, 2024 at 12:12 PM Mike Bishop <mbishop@evequefou.be> wrote:

> I have reviewed the document and raised a few issues on GitHub. None of
> them are blockers, and I support publication of this document.
>
> -----Original Message-----
> From: Mark Nottingham <mnot@mnot.net>
> Sent: Tuesday, June 11, 2024 3:55 PM
> To: HTTP Working Group <ietf-http-wg@w3.org>
> Cc: Tommy Pauly <tpauly@apple.com>
> Subject: Working Group Last Call: The Concealed HTTP Authentication Scheme
>
> Working Group participants,
>
> This e-mail announces Working Group Last Call for revision 07 of the
> following document:
>   https://datatracker.ietf.org/doc/draft-ietf-httpbis-unprompted-auth/
>
> There are no outstanding issues in GitHub, and the editors indicate that
> they believe it is ready.
>
> Please review the document and raise any issues you find (preferably on
> GitHub, but also acceptable on-list) and indicate whether you support
> publication (or object to it) in response to this message.
>
> Working Group Last Call will end on 27 June 2024.
>
> Cheers,
>
> --
> Mark Nottingham   https://www.mnot.net/
>
>
>
>