Return-Path: <tpauly@apple.com>
X-Original-To: privacy-pass@mail2.ietf.org
Delivered-To: privacy-pass@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1])
	by mail2.ietf.org (Postfix) with ESMTP id 267618097105
	for <privacy-pass@mail2.ietf.org>; Sun,  2 Nov 2025 05:57:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.795
X-Spam-Level: 
X-Spam-Status: No, score=-2.795 tagged_above=-999 required=5
	tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1,
	DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
	HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H5=0.001,
	RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001,
	RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_NONE=0.001]
	autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key)
	header.d=apple.com
Received: from mail2.ietf.org ([166.84.6.31])
	by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id TYFPWJEKT0Um for <privacy-pass@mail2.ietf.org>;
	Sun,  2 Nov 2025 05:57:05 -0800 (PST)
Received: from rn-mx03.apple.com (rn-mx03.apple.com [17.132.108.5])
	(using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
	 key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256)
	(No client certificate requested)
	by mail2.ietf.org (Postfix) with ESMTPS id 8F9D280970E2
	for <privacy-pass@ietf.org>; Sun,  2 Nov 2025 05:57:04 -0800 (PST)
Received: from st47p01nt-mtap01.apple.com
 (st47p01nt-mtap01.ise.apple.com [10.170.123.69]) by mr55p01nt-mxp03.apple.com
 (Oracle Communications Messaging Server 8.1.0.28.20250821 64bit (built Aug 21
 2025)) with ESMTPS id <0T532D9SNQQWDP10@mr55p01nt-mxp03.apple.com> for
 privacy-pass@ietf.org; Sun, 02 Nov 2025 13:56:57 +0000 (GMT)
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.293,Aquarius:18.0.1121,Hydra:6.1.9,FMLib:17.12.100.49
 definitions=2025-11-02_02,2025-10-29_03,2025-10-01_01
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=apple.com; h=cc :
 content-type : date : from : in-reply-to : message-id : mime-version :
 references : subject : to; s=20180706;
 bh=68ioOYtBnZrAXNxnCpsgMIq+F2bcfDCMM95BM8oMPGI=;
 b=OsGJSxjzQZ1MVZ0dNy/IX0cIDtsYcZhuLetQi7F5i+mqDrrzot3e50WZ5iKeNM9aFEzC
 L3GVOCWMdCv+jPp35xtPL8a74P4N/WMkV2x3LT4bWcendasQQUsMe2NS55QOf4WSy6uc
 rgEeh1muoKbt3ZZ1iw7p66z2py+nBLsCbkF8xSJLxCQ6isdi/KyKAFt8Hklm3J5E7k/3
 X9L62lWLHz6JiQc+XrmpwQN8VmWOONJpJ8YLAiBBjuoSp3SvW+GXm78VykjfXIfbUAnr
 Xyd3ZRUGM+SnIGHC2ySAkyHUwgGNnvNIiw7vjZaWlWoK7EvyyctYJP6HWjkf+0p8yq9E 3A==
Received: from st47p01nt-mmpp03.apple.com
 (st47p01nt-mmpp03.ise.apple.com [10.170.123.77]) by
 st47p01nt-mtap01.apple.com
 (Oracle Communications Messaging Server 8.1.0.28.20250821 64bit (built Aug 21
 2025)) with ESMTPS id <0T530FTRYQQW3630@st47p01nt-mtap01.apple.com>; Sun,
 02 Nov 2025 13:56:56 +0000 (GMT)
Received: from process_milters-daemon.st47p01nt-mmpp03.apple.com by
 st47p01nt-mmpp03.apple.com
 (Oracle Communications Messaging Server 8.1.0.28.20250821 64bit (built Aug 21
 2025)) id <0T531AD00QGY9K00@st47p01nt-mmpp03.apple.com>; Sun,
 02 Nov 2025 13:56:56 +0000 (GMT)
X-Va-A: 
X-Va-T-CD: 758ae55217325ca4be446f809c99aa9b
X-Va-E-CD: 4c82c540316f66a60c9e8910767703b5
X-Va-R-CD: d9c42b563e303dbf67063d455667b723
X-Va-ID: 3548a346-f211-4e39-8f76-c1460e95cef4
X-Va-CD: 0
X-V-A: 
X-V-T-CD: 758ae55217325ca4be446f809c99aa9b
X-V-E-CD: 4c82c540316f66a60c9e8910767703b5
X-V-R-CD: d9c42b563e303dbf67063d455667b723
X-V-ID: a45a631f-5ef9-466a-b171-cf8b1ef655b7
X-V-CD: 0
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.293,Aquarius:18.0.1121,Hydra:6.1.9,FMLib:17.12.100.49
 definitions=2025-11-02_02,2025-10-29_03,2025-10-01_01
Received: from smtpclient.apple ([17.10.193.143]) by
 st47p01nt-mmpp03.apple.com
 (Oracle Communications Messaging Server 8.1.0.28.20250821 64bit (built Aug 21
 2025)) with ESMTPSA id <0T531AO01QQV6800@st47p01nt-mmpp03.apple.com>; Sun,
 02 Nov 2025 13:56:56 +0000 (GMT)
From: Tommy Pauly <tpauly@apple.com>
Message-id: <830ECEA5-41B5-49BD-9187-4561F12A9BFB@apple.com>
Content-type: multipart/alternative;
 boundary="Apple-Mail=_45655932-7024-4E3E-8E81-EC7F10218C96"
MIME-version: 1.0 (Mac OS X Mail 16.0 \(3864.200.42\))
Date: Sun, 02 Nov 2025 08:56:45 -0500
In-reply-to: <6A00AFD1-9205-4D4A-9D62-9B40460947B3@iii.ca>
To: Cullen Fluffy Jennings <fluffy@iii.ca>, MOQ Mailing List <moq@ietf.org>,
 privacy-pass@ietf.org
References: <6A00AFD1-9205-4D4A-9D62-9B40460947B3@iii.ca>
X-Mailer: Apple Mail (2.3864.200.42)
Message-ID-Hash: JYV6HDNINAZKXRSEYTSHFORJHT42OIS6
X-Message-ID-Hash: JYV6HDNINAZKXRSEYTSHFORJHT42OIS6
X-MailFrom: tpauly@apple.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency;
 loop; banned-address; member-moderation; nonmember-moderation; administrivia;
 implicit-dest; max-recipients; max-size; news-moderation; no-subject;
 digests; suspicious-header
CC: Suhas Nandakumar <suhasietf@gmail.com>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: =?utf-8?q?=5BPrivacy-pass=5D_Re=3A_Request_for_agenda_time_for_draft-ietf-mo?=
 =?utf-8?q?q-privacy-pass-auth-00?=
List-Id: Privacy Pass Protocol <privacy-pass.ietf.org>
Archived-At: 
 <https://mailarchive.ietf.org/arch/msg/privacy-pass/Efw71tyDlQAj9Hta7S8phNyxuQY>
List-Archive: <https://mailarchive.ietf.org/arch/browse/privacy-pass>
List-Help: <mailto:privacy-pass-request@ietf.org?subject=help>
List-Owner: <mailto:privacy-pass-owner@ietf.org>
List-Post: <mailto:privacy-pass@ietf.org>
List-Subscribe: <mailto:privacy-pass-join@ietf.org>
List-Unsubscribe: <mailto:privacy-pass-leave@ietf.org>


--Apple-Mail=_45655932-7024-4E3E-8E81-EC7F10218C96
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=utf-8

(CC=E2=80=99ing MOQ list too)

Hi Cullen,

Thanks for sharing this document! It looks like the document may not =
have made it onto the Privacy Pass agenda, but I wanted to share some =
initial review feedback.

For those following along on the Privacy Pass side, the current document =
is draft-ietf-moq-privacy-pass-auth-01 =
(https://www.ietf.org/archive/id/draft-ietf-moq-privacy-pass-auth-01.html)=
.

Overall, I think the document is going in a good direction and using the =
tokens well. I appreciate the updated diagrams =E2=80=94 there had been =
a few issues in the individual draft that are sorted out now.

Some technical questions:

1. Are the tokens being used here =E2=80=9Ccacheable=E2=80=9D so the =
client could potentially get multiple equivalent tokens and spend them =
over time, or are they strictly unique based on challenges? See token =
caching discussion in =
https://www.rfc-editor.org/rfc/rfc9577.html#section-2.1.4 and =
https://www.rfc-editor.org/rfc/rfc9576.html#section-7.1. Specifically, =
if the tokens should not be cachable, then the needs to include an =
unpredictable redemption_context. Currently, the text allows it to be =
empty.

2. Sections 3.2 and 3.3 discuss using the origin_info to associate =
matching for tracks and metadata. I want to point out that the challenge =
details are not visible to the token issuer, and are also not visible on =
redemption normally =E2=80=94 just a hash of the challenge is at that =
point in the typical construction. It=E2=80=99s possible to also include =
the information on redemption, but that should be spelled out explicitly =
if so. The text in 3.3.3 mentions "Extract the MoQ-specific =
authorization scope from the token's origin_info field=E2=80=9D, which =
isn=E2=80=99t normally possible. Can you help describe the flow you=E2=80=99=
re thinking of for who needs to check this information, and what they =
need to check it against?

3. The draft discusses the challenge format, but doesn=E2=80=99t =
explicitly mention the format the token is sent in for token redemption =
(the equivalent to =
https://www.rfc-editor.org/rfc/rfc9577.html#name-token-structure). In =
general, I see this document as the MOQ binding for tokens, whereas RFC =
9577 is the HTTP authentication binding. As such, it might be nice to =
also explain how and where these challenges and tokens go within the MOQ =
protocol bits.

4. Minor: In Section 2.2, there is discussion of bootstrapping tokens, =
and then having more tokens generated based on those. This is a pattern =
that=E2=80=99s being somewhat common, so good to see more use here. The =
text says that type 2 is used for bootstrap, and then privately =
verifiable types are used later. While this is fine, I think that type 2 =
can also work for the later type. The text could allow that in the =
example.

Thanks,
Tommy


> On Oct 15, 2025, at 4:55=E2=80=AFPM, Cullen Fluffy Jennings =
<fluffy@iii.ca> wrote:
>=20
> I would like to request 10 minutes to get feedback about:
>=20
> draft-ietf-moq-privacy-pass-auth-00
>=20
> This draft uses privacy pass tokens for Media Over Quic ( MoQ ). It =
does not need any changes to privacy pass tokens, but we would greatly =
appreciate the input and review of the privacy pass WG.=20
>=20
> Thanks, Cullen
>=20
> Note: draft-ietf-moq-privacy-pass-auth-00 is not out yet but it will =
get published by the deadline. It will be an updated version of =
draft-jennings-moq-privacy-pass-auth-00
>=20
>=20
> --=20
> Privacy-pass mailing list -- privacy-pass@ietf.org
> To unsubscribe send an email to privacy-pass-leave@ietf.org


--Apple-Mail=_45655932-7024-4E3E-8E81-EC7F10218C96
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
	charset=utf-8

<html aria-label=3D"message body"><head><meta http-equiv=3D"content-type" =
content=3D"text/html; charset=3Dutf-8"></head><body =
style=3D"overflow-wrap: break-word; -webkit-nbsp-mode: space; =
line-break: after-white-space;"><div>(CC=E2=80=99ing MOQ list =
too)</div><div><br></div>Hi Cullen,<div><br></div><div>Thanks for =
sharing this document! It looks like the document may not have made it =
onto the Privacy Pass agenda, but I wanted to share some initial review =
feedback.</div><div><br></div><div>For those following along on the =
Privacy Pass side, the current document is =
draft-ietf-moq-privacy-pass-auth-01 (<a =
href=3D"https://www.ietf.org/archive/id/draft-ietf-moq-privacy-pass-auth-0=
1.html">https://www.ietf.org/archive/id/draft-ietf-moq-privacy-pass-auth-0=
1.html</a>).</div><div><br></div><div>Overall, I think the document is =
going in a good direction and using the tokens well. I appreciate the =
updated diagrams =E2=80=94 there had been a few issues in the individual =
draft that are sorted out now.</div><div><br></div><div>Some technical =
questions:</div><div><br></div><div>1. Are the tokens being used here =
=E2=80=9Ccacheable=E2=80=9D so the client could potentially get multiple =
equivalent tokens and spend them over time, or are they strictly unique =
based on challenges? See token caching discussion in&nbsp;<a =
href=3D"https://www.rfc-editor.org/rfc/rfc9577.html#section-2.1.4">https:/=
/www.rfc-editor.org/rfc/rfc9577.html#section-2.1.4</a>&nbsp;and&nbsp;<a =
href=3D"https://www.rfc-editor.org/rfc/rfc9576.html#section-7.1">https://w=
ww.rfc-editor.org/rfc/rfc9576.html#section-7.1</a>. Specifically, if the =
tokens should not be cachable, then the needs to include an =
unpredictable redemption_context. Currently, the text allows it to be =
empty.</div><div><br></div><div>2. Sections 3.2 and 3.3 discuss using =
the origin_info to associate matching for tracks and metadata. I want to =
point out that the challenge details are not visible to the token =
issuer, and are also not visible on redemption normally =E2=80=94 just a =
hash of the challenge is at that point in the typical construction. =
It=E2=80=99s possible to also include the information on redemption, but =
that should be spelled out explicitly if so. The text in 3.3.3 mentions =
"Extract the MoQ-specific authorization scope from the token's =
origin_info field=E2=80=9D, which isn=E2=80=99t normally possible. Can =
you help describe the flow you=E2=80=99re thinking of for who needs to =
check this information, and what they need to check it =
against?</div><div><br></div><div>3. The draft discusses the challenge =
format, but doesn=E2=80=99t explicitly mention the format the token is =
sent in for token redemption (the equivalent to&nbsp;<a =
href=3D"https://www.rfc-editor.org/rfc/rfc9577.html#name-token-structure">=
https://www.rfc-editor.org/rfc/rfc9577.html#name-token-structure</a>). =
In general, I see this document as the MOQ binding for tokens, whereas =
RFC 9577 is the HTTP authentication binding. As such, it might be nice =
to also explain how and where these challenges and tokens go within the =
MOQ protocol bits.</div><div><br></div><div>4. Minor: In Section 2.2, =
there is discussion of bootstrapping tokens, and then having more tokens =
generated based on those. This is a pattern that=E2=80=99s being =
somewhat common, so good to see more use here. The text says that type 2 =
is used for bootstrap, and then privately verifiable types are used =
later. While this is fine, I <i>think</i>&nbsp;that type 2 can also work =
for the later type. The text could allow that in the =
example.</div><div><br></div><div>Thanks,</div><div>Tommy</div><div><div><=
br id=3D"lineBreakAtBeginningOfMessage"><div><br><blockquote =
type=3D"cite"><div>On Oct 15, 2025, at 4:55=E2=80=AFPM, Cullen Fluffy =
Jennings &lt;fluffy@iii.ca&gt; wrote:</div><br =
class=3D"Apple-interchange-newline"><div><div> I would like to request =
10 minutes to get feedback =
about:<br><br>draft-ietf-moq-privacy-pass-auth-00<br><br>This draft uses =
privacy pass tokens for Media Over Quic ( MoQ ). It does not need any =
changes to privacy pass tokens, but we would greatly appreciate the =
input and review of the privacy pass WG. <br><br>Thanks, =
Cullen<br><br>Note: draft-ietf-moq-privacy-pass-auth-00 is not out yet =
but it will get published by the deadline. It will be an updated version =
of draft-jennings-moq-privacy-pass-auth-00<br><br><br>-- =
<br>Privacy-pass mailing list -- privacy-pass@ietf.org<br>To unsubscribe =
send an email to =
privacy-pass-leave@ietf.org<br></div></div></blockquote></div><br></div></=
div></body></html>=

--Apple-Mail=_45655932-7024-4E3E-8E81-EC7F10218C96--

