Re: [kitten] Stating support for HTTP-SASL on the HTTP WG list

Rick van Rein <rick@openfortress.nl> Tue, 07 February 2023 10:30 UTC

To: Nico Williams <nico@cryptonector.com>
Cc: kitten@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/kitten/V4z3835yvgyZRJQtrRxRysGOSWo>

Ah,

> I suppose there's two ways to do this, either:
> 
>  - include the SASL mechanism name registry as-is in the HTTP
>    authentication scheme registry
> 
>  - same but with a prefix (e.g., "SASL-") such that IANA need only
>    reserve the prefix in the HTTP authentication scheme registry.

There would still be a need to map the SASL-* names to HTTP, which
could be done as my draft suggests.  Yes, that'd be a design alternative.
It would also open up HTTP authentication mechanisms as much as the
SASL name space, which is going to be helpful for new developments.
It also helps to bring protocols together, as SASL intends.

I don't think this solves a problem, but it surely is another way of
doing this.

Cheers,
 -Rick