Re: [kitten] Review of draft-ietf-kitten-channel-bound-flag-04

Greg Hudson <ghudson@mit.edu> Wed, 27 February 2019 17:25 UTC

To: Sam Hartman <hartmans@mit.edu>, Sam Hartman <hartmans-ietf@mit.edu>
CC: kitten@ietf.org
References: <tslbm38vl8h.fsf@suchdamage.org> <tslva1gu67z.fsf@suchdamage.org>
From: Greg Hudson <ghudson@mit.edu>
Message-ID: <65c84426-b909-244a-5721-3883141082d2@mit.edu>
Date: Wed, 27 Feb 2019 12:25:36 -0500
In-Reply-To: <tslva1gu67z.fsf@suchdamage.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/kitten/CmhItb0eESD5hr6jqthdTfWtBmE>
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>

On 2/18/19 4:39 PM, Sam Hartman wrote:
> However, I think that the decision as to what to do should be based on
> analysis of applications where one side uses channel bindings and the
> other does not.  Since I'm not actually aware of any significant
> applications that do that, I'll hold off until my previous question on
> that issue is answered before forming my opinion on the correct
> behavior.

I think the practical motivation for this draft is a desire to add
channel bindings to application protocols which do not currently use
them.  I believe HTTP Negotiate is commonly given as a candidate.  So,
while I am not sure there are any applications in this category today,
there is a desire to (at least temporarily) create some in the future.