IETF Logo Mail Archive

Re: [Trans] Directory instead of .well-known for URL structure

Jacob Hoffman-Andrews <jsha@eff.org> Mon, 08 July 2019 22:34 UTC

Return-Path: <jsha@eff.org>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0FED912037C for <trans@ietfa.amsl.com>; Mon, 8 Jul 2019 15:34:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.003
X-Spam-Level:
X-Spam-Status: No, score=-7.003 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=eff.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dx4Z0gZkcK6P for <trans@ietfa.amsl.com>; Mon, 8 Jul 2019 15:34:35 -0700 (PDT)
Received: from mail2.eff.org (mail2.eff.org [173.239.79.204]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 935C31203AB for <trans@ietf.org>; Mon, 8 Jul 2019 15:34:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=eff.org; s=mail2; h=Content-Transfer-Encoding:Content-Type:In-Reply-To:MIME-Version: Date:Message-ID:From:References:To:Subject:Sender:Reply-To:Cc:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=UnK/8nhgXfFwfzIXEjCL46fTsTTshEkIutyyiS7+CE4=; b=Pi+QaXQp9mffyo0optyygshy24 inlc3hztfSriVBl+SFHgeJ21AsddnuzJ1sDQP+lW40HYlZhcaEJ7L1HOXAgaLKjdp3W4VjHC7QuOt vJQLUuB7onU5fkDxfpQJGcF9fijNSKM2PqIrmXLhBJmH0Y9c1tCCtE7XNLuxAPu5rdQ4=;
Received: ; Mon, 08 Jul 2019 15:34:34 -0700
To: trans@ietf.org
References: <0d5e05fc-8f1e-54b5-536d-231153e7baf7@eff.org> <20190701123701.b3ba6b44ef85a74da6209e64@andrewayer.name> <2cbff182-7c7a-4c55-b2d2-a67f41dd7436@sectigo.com> <CAPbZxJTvk805WtR6FF8xUR0GS=E9gcEMphJR658GuTN8V0h_qg@mail.gmail.com> <047d5a04-4176-6651-b200-6ce7ce8a8266@sectigo.com> <CALzYgEc_aE+pcB-Y59VsG-s9PHyEW=94vUQdWZ7o-PvOra9PmQ@mail.gmail.com> <20190703092938.a19bf6ad88155f0b82c9fca5@andrewayer.name> <83f686e3-4e15-32a1-5a5f-ffb90822ae89@sectigo.com> <CALzYgEdQg1scqdMkeD3MCXkn_tGWG65U3Kq2ci5J-tfUXp0zSQ@mail.gmail.com> <8eb2939b-c6b1-a80b-787f-4d3c02b73f8b@sectigo.com>
From: Jacob Hoffman-Andrews <jsha@eff.org>
Message-ID: <7cda0748-fcc0-0eb0-7a96-57a6f72b0a8d@eff.org>
Date: Mon, 08 Jul 2019 15:34:33 -0700
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.7.2
MIME-Version: 1.0
In-Reply-To: <8eb2939b-c6b1-a80b-787f-4d3c02b73f8b@sectigo.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/trans/rZoPB-8KcniDF8q2sOparXxok6o>
Subject: Re: [Trans] Directory instead of .well-known for URL structure
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Jul 2019 22:34:46 -0000

On 7/5/19 4:44 AM, Rob Stradling wrote:
> James Manager commented on this PR [1]:
> 
> "The log parameters are not URLs, but URL templates.
> The variables that can appear in the templates need to be defined as
> well. That is, 'first', 'second', 'hash', 'start, and 'end' for various
> templates.
> Otherwise the spec is still forcing URL structure on servers (ie
> variables MUST be querystring fields with these given names)."
> 
> How do folks feel about this?
> 
> 
> [1]
> https://github.com/google/certificate-transparency-rfcs/pull/311#pullrequestreview-258184865

This is a good point. At this point we've examined a good number of 
alternatives (.well-known, directory, and log parameters), and found 
that they all introduce significant complexity and implementation problems.

On the other hand, RFC 6960, which specifies paths and parameters under 
a common URL root, has been working terrifically in production for many 
years. No implementer has complained about any sort of difficulty in 
implementing that particular path structure.

I think we should appeal to "rough consensus and running code," and say 
that BCP 190 does not add value here. Worse, it threatens to tie us into 
pretzels trying to work around it.

v2.23.0 | Report a Bug | By Email