[quicwg/base-drafts] MUST verify => MUST NOT accept on fail (#3590)

Mike Bishop <notifications@github.com> Mon, 20 April 2020 15:15 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 621933A08C1 for <quic-issues@ietfa.amsl.com>; Mon, 20 Apr 2020 08:15:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.198
X-Spam-Level:
X-Spam-Status: No, score=-1.198 tagged_above=-999 required=5 tests=[DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_IMAGE_ONLY_32=0.001, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3LJtrneAkGBb for <quic-issues@ietfa.amsl.com>; Mon, 20 Apr 2020 08:15:16 -0700 (PDT)
Received: from out-27.smtp.github.com (out-27.smtp.github.com [192.30.252.210]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DFA613A08C0 for <quic-issues@ietf.org>; Mon, 20 Apr 2020 08:15:15 -0700 (PDT)
Received: from github-lowworker-2300405.va3-iad.github.net (github-lowworker-2300405.va3-iad.github.net [10.48.17.39]) by smtp.github.com (Postfix) with ESMTP id 0B854E00A6 for <quic-issues@ietf.org>; Mon, 20 Apr 2020 08:15:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1587395715; bh=PIl91Pc1iuvZwLa2qGHxp9PL02F08SPO4pYDYQAHFMI=; h=Date:From:Reply-To:To:Cc:Subject:List-ID:List-Archive:List-Post: List-Unsubscribe:From; b=LiGTAUJ2YRap9U9a76nlFelQvn1MSuG5Bcq3e0E9OzdKA9ROzHWLgk0dkNaQ6QHwL r2q7Jhri7HndRPO8f+rbksIYWFw9Cfm8kXujtEttgHkKMNeOmkvtScCgEA95LdaAwy OH/Gz9+pQZXS0WysqYWzlBEi5GoIBsESSznpdzSg=
Date: Mon, 20 Apr 2020 08:15:14 -0700
From: Mike Bishop <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+AFTOJK6NDSJATGDY5PYFLUF4VGOYFEVBNHHCH5PCFY@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/3590@github.com>
Subject: [quicwg/base-drafts] MUST verify => MUST NOT accept on fail (#3590)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5e9dbc82f15a7_65ef3f9b612cd96820692a"; charset=UTF-8
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: MikeBishop
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/IZD_EpJBcAlBLFgPySCqwvMk288>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 20 Apr 2020 15:15:18 -0000

Addresses @ekr&#39;s comments on #3558.  While this adds a new MUST NOT, I believe it&#39;s editorial because it&#39;s simply stating the implicit result of the &quot;MUST verify&quot; in that PR.  If anyone disagrees, speak up and I&#39;ll change it.

Separately, I think there&#39;s a case for this &quot;MUST NOT&quot; to be a &quot;SHOULD NOT,&quot; as we all know there are situations in which clients proceed through a certificate warning.  It&#39;s a reasonable semantic distinction whether the client does not consider the server authoritative but processes the result anyway (MUST NOT), or considers the server authoritative because the user told it to (SHOULD NOT).  Opinions on the bikeshed welcome.
You can view, comment on, or merge this pull request online at:

  https://github.com/quicwg/base-drafts/pull/3590

-- Commit Summary --

  * MUST verify =&gt; MUST NOT accept on fail

-- File Changes --

    M draft-ietf-quic-http.md (5)

-- Patch Links --

https://github.com/quicwg/base-drafts/pull/3590.patch
https://github.com/quicwg/base-drafts/pull/3590.diff

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/pull/3590