Re: [saag] Input for conflict review of draft-secure-cookie-session-protocol

Thomas Fossati <tho@koanlogic.com> Sun, 21 October 2012 19:49 UTC

Return-Path: <tho@koanlogic.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7E46C21F8A75 for <saag@ietfa.amsl.com>; Sun, 21 Oct 2012 12:49:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.977
X-Spam-Level:
X-Spam-Status: No, score=-2.977 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Uh9UwaoUyxmw for <saag@ietfa.amsl.com>; Sun, 21 Oct 2012 12:49:06 -0700 (PDT)
Received: from mail-qc0-f172.google.com (mail-qc0-f172.google.com [209.85.216.172]) by ietfa.amsl.com (Postfix) with ESMTP id EE1A821F8722 for <saag@ietf.org>; Sun, 21 Oct 2012 12:49:05 -0700 (PDT)
Received: by mail-qc0-f172.google.com with SMTP id s14so1369949qcg.31 for <saag@ietf.org>; Sun, 21 Oct 2012 12:49:05 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-originating-ip:in-reply-to:references:date :message-id:subject:from:to:cc:content-type:x-gm-message-state; bh=JdkZRy/ZVzzipZIHSSvKq0hhwgTJTj+wjCr7vc2BKOs=; b=Cjwt1XTfBYCEYSLpVRXJBL3R30Cv4Ms4Cq2tRuPQx2uRHl9dtOEICKE7Pfez8hYJpz WKvsSgKHTI4c07pQAP5ly5sDviaffGLcMISNGQPugknklavxfhsZYWPCW8fbeaVCvsIj E2HYfEqv0ZGogJd75nONFxkjaXuN8pJXRlhdoaTZ2QVisqCD5TjoGNzQfaPLnFgyYxuY g71EXareEpZ4hKvPPnqCP8C6VAaXc+vo87PxANOZFhrAa7ixg2+4da/rsMobORQ3pd6T QZ+iXmsV3f7xxq46CEAyjzh7ZNBR/k+D1nX6AVypZcUo+67o+qXUj+TGOUaK3WniEer2 zFxA==
MIME-Version: 1.0
Received: by 10.49.49.234 with SMTP id x10mr3832223qen.53.1350848945012; Sun, 21 Oct 2012 12:49:05 -0700 (PDT)
Received: by 10.49.26.170 with HTTP; Sun, 21 Oct 2012 12:49:04 -0700 (PDT)
X-Originating-IP: [79.46.233.174]
In-Reply-To: <5083DB5B.6010401@cs.tcd.ie>
References: <CALaySJKJR59dGJTPjnTRk+eo00+gyy8zs1=tLf8-v0EzP7TPuA@mail.gmail.com> <5083DB5B.6010401@cs.tcd.ie>
Date: Sun, 21 Oct 2012 20:49:04 +0100
Message-ID: <CAByMhx9FdYJ+UDnZD8C_uOhwUS_E-JJcSWmKLFG493S8E45eog@mail.gmail.com>
From: Thomas Fossati <tho@koanlogic.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Content-Type: text/plain; charset=ISO-8859-1
X-Gm-Message-State: ALoCoQkqHbwbnBl6rnW2YDesi0ZjFtNH5MGBmNYGyxS7R/TT4au9HPkxQNBuJNazaFoFdzZIRPZK
Cc: draft-secure-cookie-session-protocol@tools.ietf.org, saag@ietf.org, Nevil Brownlee <rfc-ise@rfc-editor.org>
Subject: Re: [saag] Input for conflict review of draft-secure-cookie-session-protocol
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 21 Oct 2012 19:49:06 -0000

Hi Stephen,

On Sun, Oct 21, 2012 at 12:24 PM, Stephen Farrell
<stephen.farrell@cs.tcd.ie> wrote:
> What do folks (incl. authors) think of that?

I think you've hit the point, and (as author) I share the proposed way-out.
I only have a bit of concern about sticking the name of a company in
the title, which seems quite an unusual practice... Would
"HTTP-friendly authentication tokens" be a less controversial
synthesis for what SCS actually is ?