Re: [Lurk] 答复: 答复: 答复: 答复: Is this scenario covered by LURK?
Stephen Farrell <stephen.farrell@cs.tcd.ie> Fri, 24 June 2016 08:09 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: lurk@ietfa.amsl.com
Delivered-To: lurk@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5ABA012D13F for <lurk@ietfa.amsl.com>; Fri, 24 Jun 2016 01:09:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.727
X-Spam-Level:
X-Spam-Status: No, score=-5.727 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-1.426, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7xlk1rAbhe5d for <lurk@ietfa.amsl.com>; Fri, 24 Jun 2016 01:09:00 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 877DF12D1ED for <lurk@ietf.org>; Fri, 24 Jun 2016 01:08:59 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id C4EC7BDD0; Fri, 24 Jun 2016 09:08:57 +0100 (IST)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KpSq79mnD5sj; Fri, 24 Jun 2016 09:08:55 +0100 (IST)
Received: from [10.87.48.210] (95-45-153-252-dynamic.agg2.phb.bdt-fng.eircom.net [95.45.153.252]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 0E249BDCC; Fri, 24 Jun 2016 09:08:55 +0100 (IST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1466755735; bh=VwktQK4V0uYPWns7jWqVDf4NmKbObLVoocqGIEfGm8o=; h=Subject:To:References:From:Date:In-Reply-To:From; b=P8f4Icgl/FqdzI6xxdZ+NjeDmN8R10/AIe/8xy94Sm0NCEYUXT2/L4Q5pEhXdRga4 Lt1UQ0Jj5Wdv7ayr1/jr/+hNkGc/8vEj5+gjQleGVuOS2c0c7P7YBrMBXwouAIeXmP WpOBlUUd4WuDkD4vM+c34inAyFrmrRqrqvXuJLYU=
To: Youjianjie <youjianjie@huawei.com>, "Fossati, Thomas (Nokia - GB)" <thomas.fossati@nokia.com>, Daniel Migault <daniel.migault@ericsson.com>, "lurk@ietf.org" <lurk@ietf.org>
References: <D390086C.6A76E%thomas.fossati@alcatel-lucent.com> <F6C28B32DA084644BB6C8D0BD65B669DC0C87E@NKGEML515-MBX.china.huawei.com> <576A66C7.1080602@cs.tcd.ie> <F6C28B32DA084644BB6C8D0BD65B669DC0CD7D@NKGEML515-MBX.china.huawei.com> <576BA616.7070101@cs.tcd.ie> <F6C28B32DA084644BB6C8D0BD65B669DC0D181@NKGEML515-MBX.china.huawei.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <576CEA96.2070603@cs.tcd.ie>
Date: Fri, 24 Jun 2016 09:08:54 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.8.0
MIME-Version: 1.0
In-Reply-To: <F6C28B32DA084644BB6C8D0BD65B669DC0D181@NKGEML515-MBX.china.huawei.com>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="------------ms040600050907040101090405"
Archived-At: <https://mailarchive.ietf.org/arch/msg/lurk/TvGKT1vud4e3IFQh_zAUt9S9_5E>
Subject: Re: [Lurk] 答复: 答复: 答复: 答复: Is this scenario covered by LURK?
X-BeenThere: lurk@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Limited Use of Remote Keys <lurk.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lurk>, <mailto:lurk-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lurk/>
List-Post: <mailto:lurk@ietf.org>
List-Help: <mailto:lurk-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lurk>, <mailto:lurk-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 24 Jun 2016 08:09:03 -0000
Hiya, (Answering with no hats...) On 24/06/16 08:13, Youjianjie wrote: > I've a question about the current use cases > (https://tools.ietf.org/html/draft-mglt-lurk-tls-use-cases-01), I suspect the authors of that are better placed to answer than me, but I'll note that the list discussion so far has not seemed to want to process that (or any) use-cases draft into an RFC. While use-cases text may be useful within the WG, I'd not get too carried away by it myself. > do > you think the TLS client needs to be aware of the decryption by the > edge server? I think this was discussed on the list earlier with a conclusion that it wasn't practical to expect the client to be aware that lurk was being used. > For example, in Content Owner / Content Provider Use > Case, they are in different administrative domain. The TLS client is > the subscriber of the content owner not the content provider. Perhaps (though I'd word things differently). As a user of web browsers I would personally like to know more about the endpoints of my TLS sessions. Since that's never going to be information that's useful for most users or TLS sessions, I'd be fine if it were something advisory (e.g. maybe a non-critical cert extension). But equally, I can see that folks would make the reasonable case that such information isn't actionable at the TLS client side, and hence oughtn't be sent. I'm fine that the WG (should we form one) considers that. Cheers, S.
- [Lurk] 答复: 答复: 答复: 答复: 答复: Is this scenario cover… Youjianjie
- Re: [Lurk] 答复: 答复: 答复: 答复: Is this scenario cover… Stephen Farrell
- [Lurk] 答复: 答复: 答复: 答复: Is this scenario covered b… Youjianjie
- Re: [Lurk] 答复: 答复: 答复: Is this scenario covered b… Stephen Farrell
- [Lurk] 答复: 答复: 答复: Is this scenario covered by LU… Youjianjie
- Re: [Lurk] 答复: 答复: Is this scenario covered by LU… Fossati, Thomas (Nokia - GB)
- Re: [Lurk] 答复: 答复: Is this scenario covered by LU… Stephen Farrell
- Re: [Lurk] 答复: 答复: 答复: 答复: 答复: Is this scenario c… Fossati, Thomas (Nokia - GB)
- [Lurk] 答复: 答复: Is this scenario covered by LURK? Youjianjie