Re: [saag] Comment added to draft-gutmann-scep history

Peter Gutmann <pgut001@cs.auckland.ac.nz> Sun, 27 January 2019 12:45 UTC

From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: Alexey Melnikov <alexey.melnikov@isode.com>
CC: "draft-gutmann-scep@ietf.org" <draft-gutmann-scep@ietf.org>, "carl@redhoundsoftware.com" <carl@redhoundsoftware.com>, "saag@ietf.org" <saag@ietf.org>
Date: Sun, 27 Jan 2019 12:45:26 +0000
Message-ID: <1548593086641.10465@cs.auckland.ac.nz>
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/Q1F9VNd6F41Yy06XtHtqoeVjWmc>

OK, just posted it with (hopefully) all changes as requested, one small
difference is that I've put the HTTP note in section 4 which talks about HTTP
use:

   This section describes the SCEP Transactions and their HTTP [6] transport
   mechanism.

where it's more likely to be noticed than if it's tacked onto the
introduction.  I've also extended it a bit to point to the upcoming BCP-56,
which contains a lot of good advice on use of HTTP as a substrate:

-- Snip --

Note that SCEP doesn't follow best current practices on usage of HTTP.  In
particular, it uses unregistered Media Types, it recommends ignoring Media
Types and hardcoding specific URI paths.  Guidance on the appropriate
application of HTTP in these circumstances may be found in

REF: "Building Protocols with HTTP", draft-ietf-httpbis-bcp56bis-08, Mark
Nottingham, November 2018,
https://tools.ietf.org/html/draft-ietf-httpbis-bcp56bis-08.

-- Snip --

Before the final version is published I'll go through it one more time to
align it with draft-BCP-56bis as much as possible, mostly a reference to
section 4.5.1 on the use of GET vs POST.

Peter.