Re: [Privacy-pass] Robert Wilton's Discuss on draft-ietf-privacypass-auth-scheme-12: (with DISCUSS and COMMENT)

"Rob Wilton (rwilton)" <rwilton@cisco.com> Wed, 13 September 2023 08:20 UTC

From: "Rob Wilton (rwilton)" <rwilton@cisco.com>
To: Tommy Pauly <tpauly@apple.com>, Tommy Pauly <tpauly=40apple.com@dmarc.ietf.org>
CC: The IESG <iesg@ietf.org>, "draft-ietf-privacypass-auth-scheme@ietf.org" <draft-ietf-privacypass-auth-scheme@ietf.org>, "privacypass-chairs@ietf.org" <privacypass-chairs@ietf.org>, "privacy-pass@ietf.org" <privacy-pass@ietf.org>, Benjamin Schwartz <ietf@bemasc.net>
Date: Wed, 13 Sep 2023 08:20:08 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/privacy-pass/5PrTPH07VDO_SppsSeoT-7D20Dc>

Hi Tommy,

Thanks.  I’ve cleared my discuss, so just Francesca’s discuss remains.

Regards,
Rob


From: Tommy Pauly <tpauly@apple.com>
Sent: 12 September 2023 21:48
To: Tommy Pauly <tpauly=40apple.com@dmarc.ietf.org>
Cc: Rob Wilton (rwilton) <rwilton@cisco.com>; The IESG <iesg@ietf.org>; draft-ietf-privacypass-auth-scheme@ietf.org; privacypass-chairs@ietf.org; privacy-pass@ietf.org; Benjamin Schwartz <ietf@bemasc.net>
Subject: Re: [Privacy-pass] Robert Wilton's Discuss on draft-ietf-privacypass-auth-scheme-12: (with DISCUSS and COMMENT)

Hi Rob,

We’ve published a revision, which does add the normative reference to the architecture:

https://www.ietf.org/archive/id/draft-ietf-privacypass-auth-scheme-13.html

Thanks!
Tommy


On Sep 6, 2023, at 7:55 AM, Tommy Pauly <tpauly=40apple.com@dmarc.ietf.org> wrote:

Hi Rob,

I do think that we would want the architecture to be published along with or before the auth-scheme doc — and ideally, the protocol document would go along with those. So, from that regard a normative reference isn’t an issue.

Let us know what the IESG thinks about a normative downref here after your discussion!

Best,
Tommy


On Sep 6, 2023, at 1:06 AM, Rob Wilton (rwilton) <rwilton=40cisco.com@dmarc.ietf.org> wrote:

Hi Tommy,

Top posting because of my “non-optimal” email client inline quoting behaviour …

For the first two issues, your resolution sounds fine.

For the last issue, we can discuss on Thursday.  Obviously, I cannot speak for the collective IESG, but a downref from a protocol or spec to an informational architecture document is quite common, and not normally an issue.  But please also be aware, if not already, that a normative reference would mean that the architecture document needs to be published as an RFC before, or at the same time as, this document.

Regards,
Rob


From: iesg <iesg-bounces@ietf.org> On Behalf Of Tommy Pauly
Sent: 05 September 2023 22:11
To: Rob Wilton (rwilton) <rwilton@cisco.com>; The IESG <iesg@ietf.org>
Cc: draft-ietf-privacypass-auth-scheme@ietf.org; privacypass-chairs@ietf.org; privacy-pass@ietf.org; Benjamin Schwartz <ietf@bemasc.net>
Subject: Re: Robert Wilton's Discuss on draft-ietf-privacypass-auth-scheme-12: (with DISCUSS and COMMENT)

Hi Rob,

Thanks for the review! Responses inline.



On Sep 4, 2023, at 8:36 AM, Robert Wilton via Datatracker <noreply@ietf.org> wrote:

Robert Wilton has entered the following ballot position for
draft-ietf-privacypass-auth-scheme-12: Discuss

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/
for more information about how to handle DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-privacypass-auth-scheme/



----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------

Hi,

Thanks for this document.  I found the document to be well written and
reasonably clear, and I think that this is useful technology (but worry about
the centralization aspects that the protocol is likely to encourage). However,
I feel that this document is somewhat hard to fully understand without reading
the architecture document first (which is only an informative rather than
normative reference).  Hence, I have flagged a few issues which I think rise
to the category of discuss but hopefully should not be hard to resolve.

(1) p 15, sec 5.2.  Token Type Registry

  *  Private Metadata: A Y/N value indicating if the output tokens can
     contain private metadata.

This is the first time that some of these fields (e.g., Publicly Verifiable,
Public/Private Metadata) have been introduced.  Does the document need any
additional prose to describe what they are and how they are used?  The current text
feels somewhat terse as a description in a standard track document.

(2) p 17, sec 5.2.  Token Type Registry

  *  Nid: N/A

Shouldn't Nk and Nid default to 0 rather than 'N/A'?  This comment also applies
to the text above the greased values, or otherwise (at a stretch) it could
arguably be interpreted as putting in randomly sized Nk and Nid fields
containing random data.

I filed this issue to cover these: https://github.com/ietf-wg-privacypass/base-drafts/issues/472

We’ll add better explanation, much of which will likely refer back to the architecture draft.



(3) p 18, sec 6.2.  Informative References

  [ARCHITECTURE]
             Davidson, A., Iyengar, J., and C. A. Wood, "The Privacy
             Pass Architecture", Work in Progress, Internet-Draft,
             draft-ietf-privacypass-architecture-13, 15 June 2023,
             <https://datatracker.ietf.org/doc/html/draft-ietf-
             privacypass-architecture-13>.

It seems strange to me that the architecture reference isn't normative.  I.e.,
I would think that reading aspects of the architecture is a prerequisite to
fully understanding the protocol aspects defined here.

I filed this issue:

https://github.com/ietf-wg-privacypass/base-drafts/issues/473

Happy to make this change, but can we get confirmation first from the IESG that this normative downref to an informational document will be approved?

Thanks,
Tommy




----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

Thanks to Yingzhen for the OPSDIR review.

Regards,
Rob



