Re: [Ohttp] Updated proposed OHTTP charter

Francesca Palombini <francesca.palombini@ericsson.com> Wed, 07 July 2021 17:12 UTC

From: Francesca Palombini <francesca.palombini@ericsson.com>
To: Martin Thomson <mt@lowentropy.net>, "ohttp@ietf.org" <ohttp@ietf.org>
Date: Wed, 07 Jul 2021 17:12:01 +0000
Message-ID: <BAA91D47-7936-4D54-98CE-7CFA201B25D3@ericsson.com>
References: <fbd0ea0f-6938-48f1-a0d1-643aa8da6fd6@www.fastmail.com>
In-Reply-To: <fbd0ea0f-6938-48f1-a0d1-643aa8da6fd6@www.fastmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ohttp/RIOQ084-Rg-BEjddWPcIX0yZnXs>
List-Id: Oblivious HTTP <ohttp.ietf.org>

Thanks Martin, all,

I have uploaded this new version to the datatracker: https://datatracker.ietf.org/doc/charter-ietf-ohttp/

You can check the diff here: https://www.ietf.org/rfcdiff?url1=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fcharter-ietf-ohttp%2Fwithmilestones-00-00.txt&url2=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fcharter-ietf-ohttp%2Fwithmilestones-00-01.txt 

(and the milestone can indeed be changed; right now it is set to July 2022)

Francesca

On 07/07/2021, 08:30, "Martin Thomson" <mt@lowentropy.net> wrote:

    Hearing either no objection to the recently proposed changes and support of others, I've updated the proposed charter.

    https://github.com/unicorn-wg/ohttp-charter

    ---
    # Oblivious HTTP Working Group (OHTTP) Charter

    In a number of different settings, interactions between clients and servers
    involve information that could be sensitive when associated with client
    identity.

    Client-server protocols like HTTP reveal aspects of client identity to servers
    through these interactions, especially source addresses.  Even without client
    identity, a server might be able to build a profile of client activity by
    correlating requests from the same client over time.

    In a setting where the information included in requests does not need to be
    correlated, the Oblivious HTTP protocol allows a server to accept requests via a
    proxy.  The proxy ensures that the server cannot see source addressing
    information for clients, which prevents servers linking requests to the same
    client.  Encryption ensures that the proxy is unable to read requests or
    responses.

    The OHTTP working group will define the Oblivious HTTP protocol, a method of
    encapsulating HTTP requests and responses that provides protected, low-latency
    exchanges.  The working group will define any encryption scheme necessary and
    supporting data formats for carrying encapsulated requests and responses, plus
    any key configuration that might be needed to use the protocol.

    The OHTTP working group will include an applicability statement that documents
    the limitations of this design and any usage constraints that are necessary to
    ensure that the protocol is secure.  The working group will consider the
    operational impact as part of the protocol design and document operational
    considerations.

    The working group will prioritize work on the core protocol elements as
    identified.  In addition, the working group may work on other use cases and
    deployment models, including those that involve discovery of OHTTP proxies or
    servers.

    The OHTTP working group will work closely with other groups that develop the
    tools that Oblivious HTTP depends on (HTTPbis for HTTP, CFRG for HPKE) or that
    might use Oblivious HTTP (DPRIVE for DNS over HTTPS).

    The working group will use draft-thomson-http-oblivious as input.
    ---

    I think that Francesca floated a single milestone for the core protocol that was between 4 and 5 meetings out from formation of the working group.  That is, 18 months.  That is the only piece not captured here.