Re: [perpass] perens-perpass-appropriate-response-01

Bruce Perens <bruce@perens.com> Fri, 27 December 2013 07:48 UTC

Return-Path: <bruce@perens.com>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 491BD1AE183 for <perpass@ietfa.amsl.com>; Thu, 26 Dec 2013 23:48:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.437
X-Spam-Level:
X-Spam-Status: No, score=-2.437 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RP_MATCHES_RCVD=-0.538] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CYuDKqiprIJN for <perpass@ietfa.amsl.com>; Thu, 26 Dec 2013 23:48:54 -0800 (PST)
Received: from alchemy.perens.com (alchemy.perens.com [206.221.219.26]) by ietfa.amsl.com (Postfix) with ESMTP id 57F681AD67B for <perpass@ietf.org>; Thu, 26 Dec 2013 23:48:54 -0800 (PST)
Received: from bruce-transformer.home.perens.com (c-50-168-114-183.hsd1.ca.comcast.net [50.168.114.183]) by alchemy.perens.com (Postfix) with ESMTPSA id 19A3550008D; Thu, 26 Dec 2013 23:48:49 -0800 (PST)
User-Agent: K-9 Mail for Android
In-Reply-To: <52BCD497.20501@dcrocker.net>
References: <E2DA1477-C86E-441E-A33D-D47A0D67AFF3@iab.org> <529E8494.7000806@perens.com> <20131204111309.GB11727@nic.fr> <529F61D8.6030105@perens.com> <20131204171207.GC19914@thunk.org> <529F63C0.3040804@perens.com> <529F88AC.3090904@appelbaum.net> <529F90A0.8000706@perens.com> <529F9205.30906@appelbaum.net> <529F98C0.9090808@perens.com> <529F9F14.8050805@appelbaum.net> <529FB61A.7090604@perens.com> <529FBEF9.7030205@appelbaum.net> <529FC347.3080806@perens.com> <52A15835.2070901@cis-india.org> <52A21B80.8070005@mykolab.com> <52A21D1C.8020000@perens.com> <BC888A6F-F048-4BA6-92F4-8812753F8534@icsi.berkeley.edu> <52A2235A.2030801@perens.com> <ADD6858C-7548-479E-BB71-316E9C52F812@icsi.berkeley.edu> <c97f3134-eedf-44e1-880c-147efb172fc6@email.android.com> <240A2D86-C352-4954-BE4E-6313BA25994E@icsi.berkeley.edu> <52A2CE6A.30408@perens.com> <52A31F1D.7040509@cs.tcd.ie> <5D026682-5457-4F00-B139-58D8D718BB0A@icsi.berkeley.edu> <52BCD497.20501@dcrocker.net>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----B2J8XB4A0K9M8ZP77DLT7BSJFNSUB3"
From: Bruce Perens <bruce@perens.com>
Date: Thu, 26 Dec 2013 23:48:43 -0800
To: dcrocker@bbiw.net, Dave Crocker <dhc@dcrocker.net>, Nicholas Weaver <nweaver@ICSI.Berkeley.EDU>
Message-ID: <2aa980cd-ee22-4e9c-8122-812ae0c9c650@email.android.com>
Cc: perpass@ietf.org
Subject: Re: [perpass] perens-perpass-appropriate-response-01
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Dec 2013 07:48:55 -0000

eTag is a partial step in this direction. But not very far. There's no defined way for the client to independently verify it, and it isn't necessarily identical across different lossless compressions of the object. A tighter specification could add end-to-end authentication of an object while retaining the existing functions of eTag.

The most oft-used convention is a separate checksum file. Less often, the checksum file is signed.
-- 
Sent from my Android phone with K-9 Mail. Please excuse my brevity.