[Ohttp] Meaning of "usage constraints" in charter

Magnus Westerlund <magnus.westerlund@ericsson.com> Tue, 27 July 2021 11:54 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/ohttp/2m2rwl-7viamHGk1Mftq6bGVde8>

Hi,

 

I have a question regarding this paragraph in the updated charter:

The OHTTP working group will include an applicability statement that documents
the limitations of this design and any usage constraints that are necessary to
ensure that the protocol is secure.  The working group will consider the
operational impact

 

What is actually meant by usage constraints in the charter here?

To me it appears that for OHTTP to successfully meet its privacy-preserving
goals, the HTTP endpoint that would like to preserve its privacy not only
needs to have a method of getting the message to the HTTP server that doesn't
reveal the requestor's IP address or otherwise make it easy to figure out the
origin. A method for this is clearly described in the charter that has
certain properties.

However, for the other aspects it appears that one needs to have good
guidance on how to generate HTTP requests that don't leak tracking
information to the server anyway. It is not clear if the usage constraints
are intended to describe best practices for how one constructs HTTP requests
that are difficult to profile and track. I can understand that some of these
aspects may be dependent on the usage, but without a document discussing what
HTTP headers etc. can be fairly safe to use, the limitations on usage may not
be clear, and possible to interpret beyond any well-known usages that a
"usage constraint" may discuss.

I think this part would be highly relevant for OHTTP but also usable by
others that may use another mechanism to achieve the transport of the HTTP
messages in a privacy-preserving way.

 

 

Cheers

 

Magnus Westerlund