Re: [Ohai] The OHAI WG has placed draft-ohai-chunked-ohttp in state "Call For Adoption By WG Issued"

Lucas Pardue <lucaspardue.24.7@gmail.com> Thu, 25 January 2024 03:12 UTC

Date: Thu, 25 Jan 2024 03:11:28 +0000
From: Lucas Pardue <lucaspardue.24.7@gmail.com>
To: David Schinazi <dschinazi.ietf@gmail.com>, ohai@ietf.org, Shivan Kaul Sahib <shivankaulsahib@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ohai/SQMgFb4uFNfp8jnE6EHCBLJmMpc>


On Thu, Jan 25, 2024, at 02:00, David Schinazi wrote:
> I'm opposed to adoption.
> 
> This mechanism appears to be geared at use cases that would be better served by single-HTTP-request-over-TLS-over-CONNECT (which I'll conveniently abbreviate to SHROTOC for the rest of this email). The reason that OHTTP itself exists is that it provides better performance than SHROTOC for small requests and responses, because the TLS handshake overhead is quite noticeable when the application data is small. This performance win justified the weaker security that OHTTP provides compared to SHROTOC. In particular, OHTTP lacks perfect forward secrecy and is vulnerable to replay attacks. Extending OHTTP to large messages creates something that has performance similar to SHROTOC but with much weaker security. If early data is considered useful, SHROTOC can leverage TLS 0-RTT with much better security properties: only the early data lacks PFS and replay-protection, any data exchanged after the client's first flight gets those protections. I'm opposed to creating a new mechanism when there is already an available solution with better security.
> 
> Apologies if this was covered in yesterday's meeting, I was unable to attend and did not find minutes or recordings for it.
The recording of the meeting is up at https://m.youtube.com/watch?v=TB_NH2QIr08

> 
> Thanks,
> David
> 
> On Wed, Jan 24, 2024 at 2:10 PM Mark Nottingham <mnot=40mnot.net@dmarc.ietf.org> wrote:
>> I support adoption.
>> 
>> > On 24 Jan 2024, at 10:27 am, Shivan Kaul Sahib <shivankaulsahib@gmail.com> wrote:
>> > 
>> > ohai all, 
>> > 
>> > Thanks to folks who attended the interim today to discuss https://www.ietf.org/archive/id/draft-ohai-chunked-ohttp-01.html. Overall, there was interest in adopting and working on the document. 
>> > 
>> > This email starts a 2 week call for adoption for https://datatracker.ietf.org/doc/draft-ohai-chunked-ohttp/. Please let us know what you think about OHAI adopting this document by February 6.
>> > 
>> > Thanks,
>> > Shivan & Richard
>> > 
>> > On Tue, 23 Jan 2024 at 15:24, IETF Secretariat <ietf-secretariat-reply@ietf.org> wrote:
>> > 
>> > The OHAI WG has placed draft-ohai-chunked-ohttp in state
>> > Call For Adoption By WG Issued (entered by Shivan Sahib)
>> > 
>> > The document is available at
>> > https://datatracker.ietf.org/doc/draft-ohai-chunked-ohttp/
>> > 
>> > 
>> > -- 
>> > Ohai mailing list
>> > Ohai@ietf.org
>> > https://www.ietf.org/mailman/listinfo/ohai
>> 
>> --
>> Mark Nottingham   https://www.mnot.net/