Re: [Ohttp] Martin Duke's No Objection on charter-ietf-ohttp-00-00: (with COMMENT)

Martin Thomson <mt@lowentropy.net> Wed, 16 June 2021 22:27 UTC

Date: Thu, 17 Jun 2021 08:26:47 +1000
From: Martin Thomson <mt@lowentropy.net>
To: Martin Duke <martin.h.duke@gmail.com>, The IESG <iesg@ietf.org>
Cc: ohttp@ietf.org, ohttp-chairs@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/ohttp/ijZapodROSNzPTxzBKC-Yqm9jf8>

Hi Martin,

On Thu, Jun 17, 2021, at 08:20, Martin Duke via Datatracker wrote:
> I'm satisfied (via email and draft-thomson) that answers to these questions
> exist, but the charter could use some more explanation of the server/proxy
> relationship.  

The proxy provides a resource (identified by a URL) that the client sends encapsulated requests to.  Any request the proxy receives is forwarded to a resource (identified by a URL) at the server.

For the purposes of making the first request, the client authenticates the proxy.  The encapsulation on the request ensures that only the server can remove the encapsulation.  So in a sense it doesn't matter what the proxy does with it, but the proxy is expected to authenticate the server.  As far as making requests and authenticating servers, this is just how HTTP works.

> I assume that the proxy can't see the request targets, and thus
> there must be a habitual relationship between the two. 

Yes.  Habitual == fixed on a per-resource basis.
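
The relationship described in this message, as an added example that is not part of the original email or of the draft: a toy model in which the proxy maps its own resource to one fixed server resource and forwards bytes it cannot open. The encapsulation is a simplified stand-in (ephemeral X25519, HKDF, AES-256-GCM) rather than the draft's format, and every URL, path and function name is constructed for illustration; the HTTP-level authentication of each hop is not modelled.

```javascript
// Added illustration, not code from the draft. Encapsulation is a simplified stand-in
// (ephemeral X25519 + HKDF + AES-256-GCM); all URLs and names below are constructed.
const { generateKeyPairSync, createPublicKey, diffieHellman, hkdfSync,
        createCipheriv, createDecipheriv, randomBytes } = require('node:crypto');

const deriveKey = (privateKey, publicKey) => Buffer.from(hkdfSync(
  'sha256', diffieHellman({ privateKey, publicKey }), Buffer.alloc(0), 'toy-ohttp', 32));

// Client side: encrypt the whole request, target included, to the server's public key.
function encapsulate(serverPublicKey, request) {
  const eph = generateKeyPairSync('x25519');
  const iv = randomBytes(12);
  const c = createCipheriv('aes-256-gcm', deriveKey(eph.privateKey, serverPublicKey), iv);
  const ct = Buffer.concat([c.update(JSON.stringify(request)), c.final()]);
  const epk = eph.publicKey.export({ type: 'spki', format: 'der' });
  return { epk, iv, ct, tag: c.getAuthTag() };
}

// Server side: only the holder of the matching private key can remove the encapsulation.
function decapsulate(privateKey, msg) {
  const epk = createPublicKey({ key: msg.epk, type: 'spki', format: 'der' });
  const d = createDecipheriv('aes-256-gcm', deriveKey(privateKey, epk), msg.iv);
  d.setAuthTag(msg.tag);
  return JSON.parse(Buffer.concat([d.update(msg.ct), d.final()]).toString());
}

// Proxy: each proxy resource maps to one fixed server resource. It forwards
// opaque bytes and has no key, so it never learns the inner request target.
const PROXY_ROUTES = new Map([['/relay/a', 'https://server.example/ohttp']]);
function proxyForward(proxyPath, msg, deliver) {
  if (!PROXY_ROUTES.has(proxyPath)) throw new Error('unknown proxy resource');
  return deliver(PROXY_ROUTES.get(proxyPath), msg);
}

function demo() {
  const server = generateKeyPairSync('x25519');
  const proxyOwnKey = generateKeyPairSync('x25519').privateKey; // any key but the server's
  const request = { method: 'GET', target: 'https://origin.example/private?id=7' };
  const msg = encapsulate(server.publicKey, request);
  const wire = Buffer.concat([msg.epk, msg.iv, msg.ct, msg.tag]); // all the proxy sees
  let forwardedTo, proxyCanOpen = true;
  const received = proxyForward('/relay/a', msg, (url, m) => {
    forwardedTo = url;
    return decapsulate(server.privateKey, m);
  });
  try { decapsulate(proxyOwnKey, msg); } catch { proxyCanOpen = false; }
  return { received, forwardedTo, proxyCanOpen,
           targetVisibleToProxy: wire.includes('origin.example') };
}
```

`demo()` returns the request as the server recovered it, the fixed URL the proxy forwarded to, and two flags showing that the proxy could neither decrypt the message nor find the target in the bytes it relayed.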