Re: [quicwg/base-drafts] Ben Kaduk's HTTP/3 Discuss 2 (#4775)
Martin Thomson <notifications@github.com> Wed, 20 January 2021 22:45 UTC
Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 60D853A159F for <quic-issues@ietfa.amsl.com>; Wed, 20 Jan 2021 14:45:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.732
X-Spam-Level:
X-Spam-Status: No, score=-1.732 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.25, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_IMAGE_ONLY_24=1.618, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HGTxKVXgLmSA for <quic-issues@ietfa.amsl.com>; Wed, 20 Jan 2021 14:45:38 -0800 (PST)
Received: from smtp.github.com (out-17.smtp.github.com [192.30.252.200]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E20823A159D for <quic-issues@ietf.org>; Wed, 20 Jan 2021 14:45:37 -0800 (PST)
Received: from github.com (hubbernetes-node-2379a18.va3-iad.github.net [10.48.122.30]) by smtp.github.com (Postfix) with ESMTPA id 20D4D5C0326 for <quic-issues@ietf.org>; Wed, 20 Jan 2021 14:45:37 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1611182737; bh=k9e6EMsxhx7qOMSFzv5saFzlwl90kj/SzIxItLvUr6A=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=hV3Z8CfY9P9DhBIGpyifNap7XjvGdgUakt1gcw4bQp3Kuh3LowWIRA5scToxXt6cJ YIeHVKl9BbLom5YmvK5o6nfwS2E+0omz+UpyjlHYTsZ+2lXg8+LcYqfRWgkEG/qSdK k1cKlIdBuVOnr8tqnAYJ/0bUyYqoYTznKqcifOrA=
Date: Wed, 20 Jan 2021 14:45:37 -0800
From: Martin Thomson <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+AFTOJK66HK4QH2YFPTNQUDN6CSJZDEVBNHHC6GTCZQ@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/issues/4775/764002408@github.com>
In-Reply-To: <quicwg/base-drafts/issues/4775@github.com>
References: <quicwg/base-drafts/issues/4775@github.com>
Subject: Re: [quicwg/base-drafts] Ben Kaduk's HTTP/3 Discuss 2 (#4775)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_6008b2911e493_601a044387f"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: martinthomson
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/4DOGZyPI1KAZGm_C3TGGPXZMzkA>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Jan 2021 22:45:39 -0000
I think that the main concern here is addressed by a change - or addition - to the text that Ben quoted. That is, we change from the determination of authority being made universally based on the set of names in the certificate (a passive determination, if you will) to the per-name, query-based approach that we generally have (an active seeking of authority). As the quoted text could be read as non-normative when placed besides more specific text with clear normative force. The other points might benefit from clarification, but the problem largely stems from this passive definition of authority. Regarding revocation checks that succeed at handshake time, but fail later, I would suggest the answer only affects the determination of authority for the name that is queried. That is consistent with the per-name, query-based approach. The idea that the connection might be torn down is not consistent with that. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/quicwg/base-drafts/issues/4775#issuecomment-764002408
- [quicwg/base-drafts] Ben Kaduk's HTTP/3 Discuss 2… Lucas Pardue
- Re: [quicwg/base-drafts] Ben Kaduk's HTTP/3 Discu… Martin Thomson
- Re: [quicwg/base-drafts] Ben Kaduk's HTTP/3 Discu… Lars Eggert
- Re: [quicwg/base-drafts] Ben Kaduk's HTTP/3 Discu… Mike Bishop
- Re: [quicwg/base-drafts] Ben Kaduk's HTTP/3 Discu… Mike Bishop
- Re: [quicwg/base-drafts] Ben Kaduk's HTTP/3 Discu… Mike Bishop
- Re: [quicwg/base-drafts] Ben Kaduk's HTTP/3 Discu… Lucas Pardue
- Re: [quicwg/base-drafts] Ben Kaduk's HTTP/3 Discu… Lucas Pardue