IETF Logo Mail Archive

Re: [kitten] New URI Discovery Draft

Greg Hudson <ghudson@mit.edu> Mon, 26 September 2016 15:21 UTC

Return-Path: <ghudson@mit.edu>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E856312B29F for <kitten@ietfa.amsl.com>; Mon, 26 Sep 2016 08:21:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.516
X-Spam-Level:
X-Spam-Status: No, score=-6.516 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-2.316, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ksV7mEN-LnAc for <kitten@ietfa.amsl.com>; Mon, 26 Sep 2016 08:21:21 -0700 (PDT)
Received: from dmz-mailsec-scanner-1.mit.edu (dmz-mailsec-scanner-1.mit.edu [18.9.25.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 04F1612B23A for <kitten@ietf.org>; Mon, 26 Sep 2016 08:21:18 -0700 (PDT)
X-AuditID: 1209190c-ecfff700000039c9-7c-57e93ced7baf
Received: from mailhub-auth-3.mit.edu ( [18.9.21.43]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by (Symantec Messaging Gateway) with SMTP id 0E.A4.14793.DEC39E75; Mon, 26 Sep 2016 11:21:17 -0400 (EDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) by mailhub-auth-3.mit.edu (8.13.8/8.9.2) with ESMTP id u8QFLG4i019374 for <kitten@ietf.org>; Mon, 26 Sep 2016 11:21:17 -0400
Received: from [18.101.8.139] (vpn-18-101-8-139.mit.edu [18.101.8.139]) (authenticated bits=0) (User authenticated as ghudson@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id u8QFLF3I021433 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT) for <kitten@ietf.org>; Mon, 26 Sep 2016 11:21:16 -0400
To: kitten@ietf.org
References: <1474669521.30344.15.camel@redhat.com> <c2e61e27-8a6c-1d38-140e-0c019b0a13a2@redhat.com>
From: Greg Hudson <ghudson@mit.edu>
Message-ID: <82ede944-b10a-f760-338e-f43cad6ef7c7@mit.edu>
Date: Mon, 26 Sep 2016 11:21:14 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0
MIME-Version: 1.0
In-Reply-To: <c2e61e27-8a6c-1d38-140e-0c019b0a13a2@redhat.com>
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: 7bit
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFrrKIsWRmVeSWpSXmKPExsUixCmqrfvW5mW4wdLLmhZHN69icWD0WLLk J1MAYxSXTUpqTmZZapG+XQJXxsz+XawFq7gr1qxextjA+IOji5GTQ0LARGLq/8tsXYxcHEIC bUwSB95OZIRwjjNK3LkwmxnCuc0k8fL7XXaQFmEBXYmztxpYQGwRAWGJ3VvfARVxABWlSXze 7AASZhNQlli/fysLSJhXwEpi68MgkDCLgKrEntt/mEFsUYEIiVurPjKC2LwCghInZz4Bm8gp YCdx9EYjG4jNLKAnseP6L1YIW15i+9s5zBMY+WchaZmFpGwWkrIFjMyrGGVTcqt0cxMzc4pT k3WLkxPz8lKLdA31cjNL9FJTSjcxgkNPkmcH45k3XocYBTgYlXh4PQ4/DxdiTSwrrsw9xCjJ waQkyitj/DJciC8pP6UyI7E4I76oNCe1+BCjBAezkgjvFnOgHG9KYmVValE+TEqag0VJnLdr xoFwIYH0xJLU7NTUgtQimKwMB4eSBO9fa6BGwaLU9NSKtMycEoQ0EwcnyHAeoOGSNiDDiwsS c4sz0yHypxgVpcR5/1sBJQRAEhmleXC94NSQytH9ilEc6BVhXn+Qdh5gWoHrfgU0mAlo8NIT L0AGlyQipKQaGA8HxB/lVeDQ+LPjwvUgf4djDW9ZpzdnaYYu7vA1t6v8ePfT75iWBfkLFx2e d+brM6U9i/Xe1kcuEtgVspCLgbvY7oGrL3tQPv/D/ly2nVzvpTQurDt7oDZpN4NsSXDyRKfP JzlXBFVvu33X9X7Pji1H5R9PsbmYPtvyfOPkkhXM+mw2hqv+qSixFGckGmoxFxUnAgBOUaJf 6AIAAA==
Archived-At: <https://mailarchive.ietf.org/arch/msg/kitten/NbNaIQR466PW6Ijexz5-l5nh82A>
Subject: Re: [kitten] New URI Discovery Draft
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Sep 2016 15:21:23 -0000

On 09/24/2016 12:29 PM, Petr Spacek wrote:
> Just wondering out loud, not insisting on it:
> If we say there is no criticality, it will be impossible to add later on.

I think that's fine.  Let's not over-engineer this.

> What about using capitalization to indicate criticality of a flag?

It's definitely not worth introducing case-sensitivity to an otherwise
case-insensitive DNS value format.

> Or maybe we can limit valid flags to lowercase ASCII letters for now so there
> is a room for extension in future?

Criticality cannot be introduced later as an extension.  But again, I
don't think we need to engineer critical flags into this spec.  Flags
are only barely necessary at all.

> There is no definition of "host" and there is none in RFC 768.
> Can it be IP(v?) address?
> Can it be DNS name?
> How this field should be encoded into the URI?

Per the implementation, it can be a DNS hostname, and IPv4 address, or
an IPv6 address enclosed in square brackets.

>>    o Value: "kkdcp"
>>    o Description: Kerberos Key Distribution Center Proxy Protocol
>>    o Residual Format: https://host[:port][/path]
> 
> This is technically URI inside URI, am I right?
> How is it encoded? Should usual %-encoding be used here?

% encoding is not used.  Formally, you can imagine the https URI syntax
being incorporated into the syntax of the krb5srv part.  I'm not sure
how best to express that in the document.

v2.23.0 | Report a Bug | By Email