Re: [Trans] Some comments on the Web Service part
Eran Messeri <eranm@google.com> Thu, 06 March 2014 11:29 UTC
Return-Path: <eranm@google.com>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B22B41A0272 for <trans@ietfa.amsl.com>; Thu, 6 Mar 2014 03:29:56 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.925
X-Spam-Level:
X-Spam-Status: No, score=-1.925 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RP_MATCHES_RCVD=-0.547, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id i1lWjPKeHmai for <trans@ietfa.amsl.com>; Thu, 6 Mar 2014 03:29:54 -0800 (PST)
Received: from mail-oa0-x232.google.com (mail-oa0-x232.google.com [IPv6:2607:f8b0:4003:c02::232]) by ietfa.amsl.com (Postfix) with ESMTP id 9F6D81A01C9 for <trans@ietf.org>; Thu, 6 Mar 2014 03:29:54 -0800 (PST)
Received: by mail-oa0-f50.google.com with SMTP id i7so2429278oag.37 for <trans@ietf.org>; Thu, 06 Mar 2014 03:29:50 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=kb5Vrr6fqmLWPjdELOyKsjaL44IFWId072jGbof2fe0=; b=GS9S+CN9+ZMEz5ZiIQLMUbQPf+i48f5EXVf9xui0oFX+i99c6ENRb9u+STqjPIMixi ic8kOwrEV3ayJo11IbDYAc9rQreq3Ud2ePLiqilND5V5Cf7FaEDYKhyVhpfVoDGE8fmO bqvCaEEBu05CF4gDpvyWKeue2y2s1R0pe00H+yyR/NKvudwzVjyOnGca/SfI8YcxL9Cg +XdXP3gPzxsjEq1ZMqzNMDHfWIVvRoXefCB1/BZgV8xmM6hzBtGlaaV8ESTf9OAK0GIm iZFW2k7+Uw/ASU3TGvQi8ABXgtWFA/+FK5ov4RWew1jkHc0bjNVywFLtub9192gSCfUM S4gg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=kb5Vrr6fqmLWPjdELOyKsjaL44IFWId072jGbof2fe0=; b=Em22HJo6zt0nA5UCthBXJCr/evH5DsjF+AzcA0YxJcCu6dS1zdg01k5RublKt245zM +z83Pwa1+SZ5UfmYre42iK9BUZKcUFveqtbfTaJy+48UF01JlDHlnVaW2h/NlELtQ9A9 6U357sN8I8Hp3NniXsuSjTbb1pbkv4ur5rPKEbRXWV9p6jGywKNRQV7P16zV86W4fWxk 1o58X3JOqZPVj7DIOtNBX6ihkYqQfTFAw/V3yJHg9W4CqTApvvZFMa7dZXmWJ5VAn8a5 JisLUbVjjvcgX3pcYMPAZVOHjWV6m1VNI1uioFLSniOf3qtVgYMa1zZvIuEejODYnrpa uD4w==
X-Gm-Message-State: ALoCoQl5MMz4x6kmQp3MpcfWNIzOi7Rh0QvgPqAyXzlr52Sj+VGsMPAJ029Me6pjjTFE7j39J8+nYHb+mYgN4rBpYaPqwnO9Viw6pL+aN/EeuT/cEi2DQIa2sKic1NdiT20lT3eWgRibAv3ewMAxK2DgQI3XQsIDV3aZ+Vqsp26kENvRGi1YQlbhABQedN1KnZEJgLjVGmn2
MIME-Version: 1.0
X-Received: by 10.60.73.164 with SMTP id m4mr5244810oev.8.1394105390637; Thu, 06 Mar 2014 03:29:50 -0800 (PST)
Received: by 10.182.142.198 with HTTP; Thu, 6 Mar 2014 03:29:50 -0800 (PST)
In-Reply-To: <CAMm+LwipgTevGFqs0PphNTpn=1ZZgSjVVvMe2Srco4JN8F_fQg@mail.gmail.com>
References: <CAMm+LwipgTevGFqs0PphNTpn=1ZZgSjVVvMe2Srco4JN8F_fQg@mail.gmail.com>
Date: Thu, 06 Mar 2014 11:29:50 +0000
Message-ID: <CALzYgEctzKxXJzG43qJJbqsZmT36Z+TkP_woZAYZ3ha2vhSKyg@mail.gmail.com>
From: Eran Messeri <eranm@google.com>
To: Phillip Hallam-Baker <hallam@gmail.com>
Content-Type: multipart/alternative; boundary="001a1135f1b096d94604f3ee741f"
Archived-At: http://mailarchive.ietf.org/arch/msg/trans/WqsDoXExStYGmtP9RZXWtGXJJjE
Cc: "trans@ietf.org" <trans@ietf.org>
Subject: Re: [Trans] Some comments on the Web Service part
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 06 Mar 2014 11:29:56 -0000
On Wed, Mar 5, 2014 at 6:41 PM, Phillip Hallam-Baker <hallam@gmail.com>wrote: > 1) This is a specified service, shouldn't it be registered as a > .well-known service? > > http://example.com/.well-known/ct/1 > > This means that the CT log can play nice with other services on the same > server. > > (obviously have to replace ct with what we register) > Could you please point to the standard specifying how these well-known services are defined? Regardless, it seems to be independent of the commands specification that a CT log must conform to. The Google-managed logs have an address that conforms with the rest of the HTTP APIs Google offers. We technically could offer https://ct.googleapis.com/.well-known/..., if it provides strong benefit. Since we expect few, well-known logs, I can't see the benefit in registering it as well-known service since very few domains are expected to offer it (i.e. there is no benefit it making it easily discoverable). > > > 2) The command should be present in the JSON request. > > Do you mean this as an addition or instead of specifying the command in the request line? Is there a specific web traffic management system that you know/expect to cause problem? > HTTP request lines are hard to protect with message level authentication. > Putting the command in the content means that it is covered independently. > > Reason this matters is that the request line and headers tend to get > 'battered' as they pass through enterprise scale web traffic management > systems. The same is true of TLS authentication that tends to get stripped > out at the front door by some sort of message router. > > > > > -- > Website: http://hallambaker.com/ > > _______________________________________________ > Trans mailing list > Trans@ietf.org > https://www.ietf.org/mailman/listinfo/trans > >
- [Trans] Some comments on the Web Service part Phillip Hallam-Baker
- Re: [Trans] Some comments on the Web Service part Eran Messeri
- Re: [Trans] Some comments on the Web Service part Phillip Hallam-Baker