IETF Logo Mail Archive

Re: [saag] Comment added to draft-gutmann-scep history

Peter Gutmann <pgut001@cs.auckland.ac.nz> Sun, 15 July 2018 03:46 UTC

Return-Path: <pgut001@cs.auckland.ac.nz>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A271713102E; Sat, 14 Jul 2018 20:46:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=auckland.ac.nz
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mEYhl0vp3oof; Sat, 14 Jul 2018 20:46:39 -0700 (PDT)
Received: from mx4-int.auckland.ac.nz (mx4-int.auckland.ac.nz [130.216.125.246]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 07FC2131122; Sat, 14 Jul 2018 20:46:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=auckland.ac.nz; i=@auckland.ac.nz; q=dns/txt; s=mail; t=1531626399; x=1563162399; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=RbmCFd3C4N1bLlLpjb904GQoKQR1ePPi78aTxH1XUTo=; b=M3jG+BNx0s/siOArb1x72SLS3iof+Krb5KsXennGTBA7SVw7qNlp3v21 tdS9bhzXskFhvftQgMVSjygMtEIb/NUteDrQk538ZeyHjSss4oLvnLWPI imjXzpQoFAUL8L8LVGs2fbPTtEXHM3XX1YqNhTAOED4ywOan49aHYLzzJ 5uajbhk3VtPS/gEoHjUzhBBKI2af0M8rykiUlC5AnyjOLdCLbxWrVwZjw eUkCh684pYZdg7wXC2ip7023E8+5nc60BODaapSXvOYdjo1g7pSBRfV02 GhxnRaHRYCgutseMDizunFg798fW+vlK405+3/FocUwPCpgLGodE+c0p5 Q==;
X-IronPort-AV: E=Sophos;i="5.51,355,1526299200"; d="scan'208";a="21233911"
X-Ironport-HAT: MAIL-SERVERS - $RELAYED
X-Ironport-Source: 10.6.3.3 - Outgoing - Outgoing
Received: from uxcn13-tdc-b.uoa.auckland.ac.nz ([10.6.3.3]) by mx4-int.auckland.ac.nz with ESMTP/TLS/AES256-SHA; 15 Jul 2018 15:46:37 +1200
Received: from uxcn13-ogg-d.UoA.auckland.ac.nz (10.6.2.5) by uxcn13-tdc-b.UoA.auckland.ac.nz (10.6.3.23) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Sun, 15 Jul 2018 15:46:36 +1200
Received: from uxcn13-ogg-d.UoA.auckland.ac.nz ([10.6.2.25]) by uxcn13-ogg-d.UoA.auckland.ac.nz ([10.6.2.25]) with mapi id 15.00.1263.000; Sun, 15 Jul 2018 15:46:36 +1200
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: Patrick McManus <pmcmanus@mozilla.com>, Benjamin Kaduk <kaduk@mit.edu>
CC: "draft-gutmann-scep@ietf.org" <draft-gutmann-scep@ietf.org>, "saag@ietf.org" <saag@ietf.org>
Thread-Topic: [saag] Comment added to draft-gutmann-scep history
Thread-Index: AQHUG52+rEKLLutgkkmzx9TRChvl0qSPpFv6
Date: Sun, 15 Jul 2018 03:46:36 +0000
Message-ID: <1531626396613.5059@cs.auckland.ac.nz>
References: <152231658869.24008.11321959845877039592.idtracker@ietfa.amsl.com> <1522887334433.4490@cs.auckland.ac.nz> <1525092187804.38190@cs.auckland.ac.nz> <bcb96609-a4fd-faf6-cf07-12b9f1fe7df0@isode.com> <1531471734017.88813@cs.auckland.ac.nz> <1531537625942.57273@cs.auckland.ac.nz> <20180714151547.GG59001@mit.edu>, <CAOdDvNqdJtwPshdPsJK20Hseq4K=Dv59=mrY0-EzK5pw_aQNQQ@mail.gmail.com>
In-Reply-To: <CAOdDvNqdJtwPshdPsJK20Hseq4K=Dv59=mrY0-EzK5pw_aQNQQ@mail.gmail.com>
Accept-Language: en-NZ, en-GB, en-US
Content-Language: en-NZ
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [130.216.158.4]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/bPG0mSJf1px0iJasQmmrhqU1ViM>
Subject: Re: [saag] Comment added to draft-gutmann-scep history
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 15 Jul 2018 03:46:51 -0000

Patrick McManus <pmcmanus@mozilla.com> writes:

>Its a work in progress and would certainly benefit from review and comments:
>
>github as easy place to leave feedback and suggested edits:
>https://github.com/httpwg/http-extensions

Is there a preferred forum specifically for discussing this document rather
than the high-volume HTTP list?  In terms of github, I've never been convinced
that a PR is the best substitute for a discussion list thread...

I've got some specific suggestions about wording around the (mis-)use of GET,
which early versions of SCEP did (and some still do *cough*Microsoft*cough*),
creating non-idempotent GET requests containing multiple kB of base64-encoded
binary gunk.  SCEP has provided a good litmus test for how many ways this
breaks in the presence of proxies, caches, and a wide range of server types,
being able to reference 56bis on this would mean I could remove a pile of text
from the draft.

Peter.

v2.23.0 | Report a Bug | By Email