Re: [stir] [EXTERNAL] DATA: URL in draft-ietf-stir-passport-rcd-26

Ben Campbell <ben@nostrum.com> Mon, 07 August 2023 14:17 UTC

Return-Path: <ben@nostrum.com>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BFE81C15C520 for <stir@ietfa.amsl.com>; Mon, 7 Aug 2023 07:17:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.084
X-Spam-Level:
X-Spam-Status: No, score=-7.084 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, T_SCC_BODY_TEXT_LINE=-0.01, T_SPF_HELO_PERMERROR=0.01, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nostrum.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9_TYRuB6l1DB for <stir@ietfa.amsl.com>; Mon, 7 Aug 2023 07:17:23 -0700 (PDT)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EBAE2C14068D for <stir@ietf.org>; Mon, 7 Aug 2023 07:17:22 -0700 (PDT)
Received: from smtpclient.apple ([108.147.185.2]) (authenticated bits=0) by nostrum.com (8.17.2/8.17.1) with ESMTPSA id 377EHL7f086708 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO); Mon, 7 Aug 2023 09:17:22 -0500 (CDT) (envelope-from ben@nostrum.com)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=nostrum.com; s=default; t=1691417842; bh=B8p51MUnvd+PFoLD0VTdtvFaXJ9thZpTxDpObGV+hhc=; h=From:Subject:Date:References:Cc:In-Reply-To:To; b=n7pIy7a8XqKFQ7KBwrTvYq7h8d4DSmwS0WbvowOS21PAnpjxD7x5fTY+GfDDYkagw UNcgG8EsOwPu6GDz0MU9MUXTE7EHe+wYsAqg6m5MLMLynPUwaxGJTd1dXT5Kn9Yjge TrsZ3nhPkaVEum/c/53tvLHWZZRZ3i7l5aAXGmG8=
X-Authentication-Warning: raven.nostrum.com: Host [108.147.185.2] claimed to be smtpclient.apple
Content-Type: multipart/alternative; boundary="Apple-Mail-BFE41429-1B5F-48C3-8C46-E6269C34B429"
Content-Transfer-Encoding: 7bit
From: Ben Campbell <ben@nostrum.com>
Mime-Version: 1.0 (1.0)
Date: Mon, 07 Aug 2023 09:17:04 -0500
Message-Id: <B2188F21-CB91-426C-8B29-D70120864F92@nostrum.com>
References: <78AB6DDE-7E82-4619-86FD-C919E6D818D4@chriswendt.net>
Cc: stir@ietf.org, jon.peterson@transunion.com
In-Reply-To: <78AB6DDE-7E82-4619-86FD-C919E6D818D4@chriswendt.net>
To: Chris Wendt <chris-ietf@chriswendt.net>
X-Mailer: iPhone Mail (20G75)
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/O2lYB2D09xsUnNGHb4_c5wM9U-4>
Subject: Re: [stir] [EXTERNAL] DATA: URL in draft-ietf-stir-passport-rcd-26
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/stir/>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Aug 2023 14:17:26 -0000

I don’t have the doc in front of me, but IIRC there is already an example with HTTPS.

Thanks!

Ben.

Sent from my iPhone

> On Aug 7, 2023, at 9:02 AM, Chris Wendt <chris-ietf@chriswendt.net> wrote:
> 
> 
> Hi Ben,
> 
> Yes we can make it an HTTPS URL example.
> 
> -Chris
> 
>> 
>> (as individual)
>> 
>> Hi,
>> 
>> I just noticed a possible bug in draft-ietf-stir-passport-rcd-26. I understand that the wg agreed to limit “icn” cvalues to HTTPS URLs at IETF 116. Indeed, section 5.1.3 only defines the “icn” claim to be an HTTPS URL.
>> 
>> But the third example in 8.3 still uses a DATA: URL. Am I correct to assume that this is no longer a valid example?
>> 
>> Thanks!
>> 
>> Ben.
>> 
>