IETF Logo Mail Archive

Re: [jose] POLL(s): header criticality

Breno de Medeiros <breno@google.com> Wed, 06 February 2013 17:11 UTC

Return-Path: <breno@google.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BC37321F85CC for <jose@ietfa.amsl.com>; Wed, 6 Feb 2013 09:11:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.977
X-Spam-Level:
X-Spam-Status: No, score=-102.977 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nB3jlElV2Qk9 for <jose@ietfa.amsl.com>; Wed, 6 Feb 2013 09:11:50 -0800 (PST)
Received: from mail-ob0-f171.google.com (mail-ob0-f171.google.com [209.85.214.171]) by ietfa.amsl.com (Postfix) with ESMTP id 0429221F84FC for <jose@ietf.org>; Wed, 6 Feb 2013 09:11:49 -0800 (PST)
Received: by mail-ob0-f171.google.com with SMTP id x4so1554930obh.30 for <jose@ietf.org>; Wed, 06 Feb 2013 09:11:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:cc:content-type:content-transfer-encoding; bh=wUMfk7fOZKj25/R9sPQWxpB5zuGvdIVG0Ekoa3KZyGc=; b=KHSFAFE7/Nk5vh91OA/B3qigYxRIQPaxdh9PmmTmmqqf9P24QHlRn72Ex0tO661pwk ZuEavNWFL4a8yb7UoT2I1oXJIE2G0IL7N/27DHdQDA48tYE0guZSppH2Z+8B3Q4VlyVl UE0Gy65q9xEnItJtS6V6nmcZpx5XvYT8K/t/LnaOSpg0jpBY2GM4G13xqUlJsmfWRdCQ i8gIMYRtgZLZlrkm8/ch5JmfFREtoR9KXdtomLaVEsy1zB6FCqhqsLDz4DdfspQC7qAm d1InGPalkHXmVWrgKYNZpju6PQH5rtlqUjVo8hlVz+8GSovNFomCAw1f5ZxSCsMPRddM e+Tg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:cc:content-type:content-transfer-encoding :x-gm-message-state; bh=wUMfk7fOZKj25/R9sPQWxpB5zuGvdIVG0Ekoa3KZyGc=; b=bPlRuD9mW6zk3CI63hHx5QBJMpED6gT8ZNYIgVhwZRaJmA1x5okExAPxV0Qa1uZjxr FsNzA2B3yebOREWPUkR3IYFQA3XiFUZHBkl8IByOel6g39Jm6fs6NWS6KdB16uOSO9HP VR7KZumQt0p3icvK/mSq3umTe4xMD5R/alnwfU6/QEU8Udz2V26BP1ReB5DN59oFVgoi 0OLoTT98qefzP60WrsC78mLaEZDp9dIKWU0uj5joej+YrvUTak5I6DOi+oIxP3xVoaSA Z2vJnTJMbZZrEu5Gacx9QnnnO5InTOja65Okh9oGTsuvtIaSmvpc4RmgjVKTCxDWhdgD TpaQ==
MIME-Version: 1.0
X-Received: by 10.182.8.70 with SMTP id p6mr21423293oba.90.1360170709502; Wed, 06 Feb 2013 09:11:49 -0800 (PST)
Received: by 10.182.75.69 with HTTP; Wed, 6 Feb 2013 09:11:49 -0800 (PST)
In-Reply-To: <77177F76-6BC1-467A-8771-F2E1B7AEC7B4@gmail.com>
References: <510FCA42.5000704@isoc.org> <77177F76-6BC1-467A-8771-F2E1B7AEC7B4@gmail.com>
Date: Wed, 06 Feb 2013 09:11:49 -0800
Message-ID: <CAAJ++qE=nA_gxJGjYaaSXeja0xum2_qAswncLSdUY5i0zDnbfA@mail.gmail.com>
From: Breno de Medeiros <breno@google.com>
To: Dick Hardt <dick.hardt@gmail.com>
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: quoted-printable
X-Gm-Message-State: ALoCoQnihCqOsvt0bla7wgsLf+DtUvZ52If1nIpDrXuPgi76jsjzM9FVUFwot+gEEsiN5SYMHrAtqVgukNDQXaOqBDQq/2U8m1m15GI/PwbucCFi6t/srx7BebMoaQfsrpQIfXst0yf9dkTqojcbdppnWerISJ4OF553zng08+ebCgYZzf8NYgDvp4vUePOkVIGZ8GTNud76
Cc: "jose@ietf.org" <jose@ietf.org>, odonoghue@isoc.org
Subject: Re: [jose] POLL(s): header criticality
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Feb 2013 17:11:50 -0000

FIRST POLL: Yes

SECOND POLL: YES

THIRD POLL: B

On Wed, Feb 6, 2013 at 9:03 AM, Dick Hardt <dick.hardt@gmail.com> wrote:
> FIRST POLL: Yes
>
> SECOND POLL: YES
>
> THIRD POLL: B
>
> On Feb 4, 2013, at 6:48 AM, Karen O'Donoghue <odonoghue@isoc.org> wrote:
>
>> Folks,
>>
>> I am wrestling with how to help drive consensus on the topic of criticality of headers. For background, please review the current specification text, the minutes to the Atlanta meeting (IETF85), and the mailing list (especially the discussion in December with (Subj: Whether implementations must understand all JOSE header fields)). We need to come to closure on this issue in order to progress the specifications.
>>
>> As a tool to gather further information on determining a way forward, the following polls have been created. Please respond before 11 February 2013.
>>
>> Thanks,
>> Karen
>>
>> *******************
>> FIRST POLL: Should all header fields be critical for implementations to understand?
>>
>> YES – All header fields must continue to be understood by implementations or the input must be rejected.
>>
>> NO – A means of listing that specific header fields may be safely ignored should be defined.
>>
>> ********************
>> SECOND POLL: Should the result of the first poll be "YES", should text like the following be added? “Implementation Note: The requirement to understand all header fields is a requirement on the system as a whole – not on any particular level of library software. For instance, a JOSE library could process the headers that it understands and then leave the processing of the rest of them up to the application. For those headers that the JOSE library didn’t understand, the responsibility for fulfilling the ‘MUST understand’ requirement for the remaining headers would then fall to the application.”
>>
>> YES – Add the text clarifying that the “MUST understand” requirement is a requirement on the system as a whole – not specifically on JOSE libraries.
>>
>> NO – Don’t add the clarifying text.
>>
>> ************************
>> THIRD POLL: Should the result of the first poll be "NO", which syntax would you prefer for designating the header fields that may be ignored if not understood?
>>
>> A – Define a header field that explicitly lists the fields that may be safely ignored if not understood.
>>
>> B – Introduce a second header, where implementations must understand all fields in the first but they may ignore not-understood fields in the second.
>>
>> C - Other??? (Please specify in detail.)
>> _______________________________________________
>> jose mailing list
>> jose@ietf.org
>> https://www.ietf.org/mailman/listinfo/jose
>
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose



-- 
--Breno

v2.23.0 | Report a Bug | By Email