[TLS] Fwd: New Version Notification for draft-thomson-http-replay-00.txt
Martin Thomson <martin.thomson@gmail.com> Thu, 22 June 2017 07:32 UTC
Return-Path: <martin.thomson@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DC5E01286CA for <tls@ietfa.amsl.com>; Thu, 22 Jun 2017 00:32:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1zYQIDi-_U92 for <tls@ietfa.amsl.com>; Thu, 22 Jun 2017 00:32:14 -0700 (PDT)
Received: from mail-lf0-x232.google.com (mail-lf0-x232.google.com [IPv6:2a00:1450:4010:c07::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ADBC2126CD8 for <tls@ietf.org>; Thu, 22 Jun 2017 00:32:13 -0700 (PDT)
Received: by mail-lf0-x232.google.com with SMTP id m77so4281002lfe.0 for <tls@ietf.org>; Thu, 22 Jun 2017 00:32:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=7Ugnq1ROdEiRPAemNxTQk1vKaQb0Nd/YojtwHrbESaU=; b=hHm/iqV1LkJqU0hb7WdDrokZUHdHgnBaDz/hdxV8bjL+JI4UQv+SWgg5RMuzjkw6zC /j/U4zEFpoy4UF26Gygrsj0LpjEQJPY1si1dQJ/pgJB57ttvu12UspPUKIb/wNo6b25A TLv3TPyBcyKxbGvjTzEifDtinDPOQDyKsx7+ug8aJUdPC4LLwn6hbnKeO5sg791AfLys nmZtLj8Jy2fkYc+AGYiJFJxGzHusurz1TOftYfoDLYxMWexkTmFr+4ZV8V5PN6p9dPCp cNUH/hPEXbVOKxoff17w6bHBk4WDmuOn6L7oVT9BlSLYv+iLzw00454AUom+PmHntTLp bxAA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=7Ugnq1ROdEiRPAemNxTQk1vKaQb0Nd/YojtwHrbESaU=; b=ry8+0RaJXvmX4Y/bH2/vE+1uoW8KHZbF+ebValO7PCfu9Cm/2zkbPCUfg6C1UAYj5E 0Rd1i29aru+0cAcg5MBRZiLnFce2xVrdHXLL9WLQqhTW4wKtedrYTuDeTZ1wTvvp/WhF sgwSuPJrqGkm0RVb8CFlhp4Zm0DNz8EhV+GpINjuK+HWx0Dc87tnWyi+tAP3H8WYl4q9 wkJoVPtHf3PI6RklQOatPzS/zrFW4/v4bMNNIoYABhvMenTc2NaaNcjwT+MndofqOQ2Z 5ojORFOaAt/+jaUcOK2PqG51UDY/gv/4doj2rgWcyDeA7vNq3ybMDcvi6r49SmIZPknh Af9w==
X-Gm-Message-State: AKS2vOxJ20v09dAlmxZk6d+LyuxN0WvBERBIawDhXIkWDO8ANoVHV1ry 8B5DOwVBoXuftvSj1oUDd2j8hAaJHI4aMag=
X-Received: by 10.46.77.70 with SMTP id a67mr430475ljb.103.1498116731775; Thu, 22 Jun 2017 00:32:11 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.46.78.17 with HTTP; Thu, 22 Jun 2017 00:32:11 -0700 (PDT)
In-Reply-To: <149811425736.30341.16596521802774811431.idtracker@ietfa.amsl.com>
References: <149811425736.30341.16596521802774811431.idtracker@ietfa.amsl.com>
From: Martin Thomson <martin.thomson@gmail.com>
Date: Thu, 22 Jun 2017 17:32:11 +1000
Message-ID: <CABkgnnU4E0AH5=_xSoQVq49J8fHxPHBchVAMmD57KO2Y5WjVCw@mail.gmail.com>
To: "tls@ietf.org" <tls@ietf.org>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/dk2Yk2sUCVEsTzLlv6zVbxcfEXs>
Subject: [TLS] Fwd: New Version Notification for draft-thomson-http-replay-00.txt
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Jun 2017 07:32:16 -0000
FYI, Mark, Willy, and I have put together a draft that describes how HTTP works with early data (or 0-RTT). The main thing of interest is the technique we recommend for avoiding exposure to replays, particularly given that HTTP is often intermediated. If you have specific comments about the draft, I'd appreciate it if you could take those to the HTTP working group <mailto:ietf-http-wg@w3.org>. Of course, you should feel free to start another massive thread about the various ways in which you think early data represents the beginning of the end for modern civilization. That seems to be the usual reaction to this sort of email. --Martin ---------- Forwarded message ---------- From: <internet-drafts@ietf.org> Date: 22 June 2017 at 16:50 Subject: New Version Notification for draft-thomson-http-replay-00.txt Name: draft-thomson-http-replay Revision: 00 Title: Using Early Data in HTTP Document date: 2017-06-22 Group: Individual Submission Pages: 9 URL: https://www.ietf.org/internet-drafts/draft-thomson-http-replay-00.txt Status: https://datatracker.ietf.org/doc/draft-thomson-http-replay/ Htmlized: https://tools.ietf.org/html/draft-thomson-http-replay-00 Htmlized: https://datatracker.ietf.org/doc/html/draft-thomson-http-replay-00 Abstract: This document explains the risks of using early data for HTTP and describes techniques for reducing them. In particular, it defines a mechanism that enables clients to communicate with servers about early data, to assure correct operation.
- [TLS] Fwd: New Version Notification for draft-tho… Martin Thomson
- Re: [TLS] Fwd: New Version Notification for draft… Kazuho Oku
- Re: [TLS] Fwd: New Version Notification for draft… Willy Tarreau
- Re: [TLS] Fwd: New Version Notification for draft… Kazuho Oku