Re: [Privacy-pass] Zaheduzzaman Sarker's No Objection on draft-ietf-privacypass-auth-scheme-12: (with COMMENT)

Tommy Pauly <tpauly@apple.com> Wed, 06 September 2023 16:51 UTC

Cc: The IESG <iesg@ietf.org>, draft-ietf-privacypass-auth-scheme@ietf.org, privacypass-chairs@ietf.org, privacy-pass@ietf.org, ietf@bemasc.net
To: Zaheduzzaman Sarker <zahed.sarker.ietf@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/privacy-pass/huRAXUNHsBZnkUKnAMKtu8O0668>

Thanks, Zahed!

> On Sep 6, 2023, at 2:54 AM, Zaheduzzaman Sarker via Datatracker <noreply@ietf.org> wrote:
> 
> Zaheduzzaman Sarker has entered the following ballot position for
> draft-ietf-privacypass-auth-scheme-12: No Objection
> 
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
> 
> 
> Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ 
> for more information about how to handle DISCUSS and COMMENT positions.
> 
> 
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-privacypass-auth-scheme/
> 
> 
> 
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
> 
> Thanks for working on this specification.
> 
> This specification does not raise transport related issues, however, I kind of
> agree with Martin's concerns on assumptions and user interaction. On top of
> that, section 3 only describes when this is used in a website context. I didn't
> find what are the other contexts and how that would be different or what needs to
> be done differently. I think it needs to be clarified as well. Hence, supporting
> Francesca's discuss.

I’ve opened this PR to work on this:
https://github.com/ietf-wg-privacypass/base-drafts/pull/474

This removes the website-specific text, and also describes the fact that there are different models where this protocol can be used (closed services where tokens may be required, and open services — which would include the web — where the tokens may or may not be supported by clients).

> 
> I also think the privacy pass architecture document and this specification
> should have been at least reviewed together or preferably architecture doc
> should have gotten to us first to review/approve. I don't expect lots will change
> in the architecture after IESG evaluation but still there are some
> possibilities. As this document relies on the architecture terminologies it
> feels odd to review this when we haven't reviewed the terminologies defined in
> the architecture doc.

I certainly think that these documents should be published together, and we shouldn’t let this get published ahead of the architecture.

Thanks,
Tommy
