[Ohttp] Updated proposed OHTTP charter

Martin Thomson <mt@lowentropy.net> Wed, 07 July 2021 06:30 UTC

Message-Id: <fbd0ea0f-6938-48f1-a0d1-643aa8da6fd6@www.fastmail.com>
Date: Wed, 07 Jul 2021 16:30:13 +1000
From: Martin Thomson <mt@lowentropy.net>
To: ohttp@ietf.org, Francesca Palombini <francesca.palombini@ericsson.com>
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/ohttp/R6AIOQPRu8DdByaF-hzPSRXOqcU>
Subject: [Ohttp] Updated proposed OHTTP charter

Hearing either no objection to the recently proposed changes and support of others, I've updated the proposed charter.

https://github.com/unicorn-wg/ohttp-charter

---
# Oblivious HTTP Working Group (OHTTP) Charter

In a number of different settings, interactions between clients and servers
involve information that could be sensitive when associated with client
identity.

Client-server protocols like HTTP reveal aspects of client identity to servers
through these interactions, especially source addresses.  Even without client
identity, a server might be able to build a profile of client activity by
correlating requests from the same client over time.

In a setting where the information included in requests does not need to be
correlated, the Oblivious HTTP protocol allows a server to accept requests via a
proxy.  The proxy ensures that the server cannot see source addressing
information for clients, which prevents servers linking requests to the same
client.  Encryption ensures that the proxy is unable to read requests or
responses.

The OHTTP working group will define the Oblivious HTTP protocol, a method of
encapsulating HTTP requests and responses that provides protected, low-latency
exchanges.  The working group will define any encryption scheme necessary and
supporting data formats for carrying encapsulated requests and responses, plus
any key configuration that might be needed to use the protocol.

The OHTTP working group will include an applicability statement that documents
the limitations of this design and any usage constraints that are necessary to
ensure that the protocol is secure.  The working group will consider the
operational impact as part of the protocol design and document operational
considerations.

The working group will prioritize work on the core protocol elements as
identified.  In addition, the working group may work on other use cases and
deployment models, including those that involve discovery of OHTTP proxies or
servers.

The OHTTP working group will work closely with other groups that develop the
tools that Oblivious HTTP depends on (HTTPbis for HTTP, CFRG for HPKE) or that
might use Oblivious HTTP (DPRIVE for DNS over HTTPS).

The working group will use draft-thomson-http-oblivious as input.
---

I think that Francesca floated a single milestone for the core protocol that was between 4 and 5 meetings out from formation of the working group.  That is, 18 months.  That is the only piece not captured here.