IETF Logo Mail Archive

Re: [Unbearable] WGLC 3 on core documents

Andrei Popov <Andrei.Popov@microsoft.com> Thu, 02 March 2017 01:02 UTC

Return-Path: <Andrei.Popov@microsoft.com>
X-Original-To: unbearable@ietfa.amsl.com
Delivered-To: unbearable@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6B49C129431 for <unbearable@ietfa.amsl.com>; Wed, 1 Mar 2017 17:02:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.022
X-Spam-Level:
X-Spam-Status: No, score=-2.022 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jntIkVPwuWXu for <unbearable@ietfa.amsl.com>; Wed, 1 Mar 2017 17:02:03 -0800 (PST)
Received: from NAM03-DM3-obe.outbound.protection.outlook.com (mail-dm3nam03on0103.outbound.protection.outlook.com [104.47.41.103]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 074B6129455 for <unbearable@ietf.org>; Wed, 1 Mar 2017 17:02:02 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=H5pbtcQwMe2XISDA4L8cHSVtomDLUpucHkuO4koJC/A=; b=hbPT2rX3C6+/n7audTj0rRSZEG9LqjWN/U7ynhRxWYyaach+CtxmRDGbhmqpufDG8Se4bc1ylSlR31z4AkBU+c1s/kPtZmwCWLSgSavgOR8g1Jf3+zQY+omn/0JQoRbM2IDYVHUUSvs9WdyimFuJdATPD87aIOanF0YU9pM3FFY=
Received: from DM2PR21MB0091.namprd21.prod.outlook.com (10.161.141.14) by DM2PR21MB0089.namprd21.prod.outlook.com (10.161.141.13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.961.3; Thu, 2 Mar 2017 01:02:00 +0000
Received: from DM2PR21MB0091.namprd21.prod.outlook.com ([10.161.141.14]) by DM2PR21MB0091.namprd21.prod.outlook.com ([10.161.141.14]) with mapi id 15.01.0961.004; Thu, 2 Mar 2017 01:02:01 +0000
From: Andrei Popov <Andrei.Popov@microsoft.com>
To: Martin Thomson <martin.thomson@gmail.com>, Nick Harper <nharper@google.com>
Thread-Topic: [Unbearable] WGLC 3 on core documents
Thread-Index: AQHSiK9hN2Zs7g7owEimaRJSUV1QM6F/jmIAgAEu9ACAAAE/AIAAA7cAgAAKlICAAAG9wA==
Date: Thu, 02 Mar 2017 01:02:00 +0000
Message-ID: <DM2PR21MB0091E48C9639DB3A7ABDC0798C280@DM2PR21MB0091.namprd21.prod.outlook.com>
References: <90198679-4549-2893-6d91-f4415df217ad@sunet.se> <CABkgnnUPNRS1AUaVZy-Hkk6TD_yxLT8d_fG6LyFbPaJAJg4_cg@mail.gmail.com> <CACdeXiKD_cOnFqfKFa1o6n6VzrtrBbN0pfH4DBe7g2TKbMiRLw@mail.gmail.com> <CABkgnnWU=WbrqzF-vOrbyjT9_VG_C77_oLx90C=GRLTcmu3Svg@mail.gmail.com> <CACdeXi+gXHuaxayk03c3COg-Cq96QHVf+udF1D+4fv3Eq+Huiw@mail.gmail.com> <CABkgnnX2oPrHLKvKvZJR1XLbERcWGKUCHerzeyXM7uKHgCtPgA@mail.gmail.com>
In-Reply-To: <CABkgnnX2oPrHLKvKvZJR1XLbERcWGKUCHerzeyXM7uKHgCtPgA@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: gmail.com; dkim=none (message not signed) header.d=none;gmail.com; dmarc=none action=none header.from=microsoft.com;
x-originating-ip: [2001:4898:80e8:8::1d2]
x-microsoft-exchange-diagnostics: 1; DM2PR21MB0089; 7:a3VeSuuSFiqE1CNxplBvactulcnF7Eu+BGeWgcd3qT2WmleYFSOPePlUFW9epC9enOwO9p8xvXYNr2imJXbI+nlDMNAgvgfMhB1xPOIK5NiVI0PLUEqzMzlCnOQ0vgX6mP5djGsFpEeLxMngHVfKe6li/aqlvyUwxdz/Y/JgwI8qxTgaptFwoBZOPZm/X1SBPRuLlJZiF3hnYy2Qi951bozvnUvuYiFeQKSto5Mh+tCer57NWcsaFaAIshIS3acftmfqc5vsalufCp1JdxSap//EPUPnNys2wYJdpaeR1bfOz10/tF/fSLvrpFYTQ7uu07JK83Gm2cP/+jY8prEBWoy9TQ0GDQdnAfI6EFD10Lg=
x-ms-office365-filtering-correlation-id: 59da0403-a13b-494b-aa8f-08d46107bbe2
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(48565401081); SRVR:DM2PR21MB0089;
x-microsoft-antispam-prvs: <DM2PR21MB00896129C16BFE8A678857BA8C280@DM2PR21MB0089.namprd21.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:;
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(61425038)(6040375)(601004)(2401047)(5005006)(8121501046)(3002001)(10201501046)(6055026)(61426038)(61427038)(6041248)(20161123555025)(20161123562025)(20161123564025)(20161123560025)(20161123558025)(6072148); SRVR:DM2PR21MB0089; BCL:0; PCL:0; RULEID:; SRVR:DM2PR21MB0089;
x-forefront-prvs: 023495660C
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(7916002)(39410400002)(39850400002)(39840400002)(39450400003)(39860400002)(6506006)(7736002)(53936002)(54356999)(86612001)(76176999)(10090500001)(99286003)(305945005)(39060400002)(229853002)(10290500002)(3280700002)(5005710100001)(50986999)(55016002)(97736004)(54906002)(8990500004)(3660700001)(6246003)(25786008)(77096006)(8676002)(38730400002)(4326008)(6116002)(9686003)(2900100001)(102836003)(93886004)(122556002)(81166006)(2950100002)(7696004)(8936002)(2906002)(6436002)(86362001)(92566002)(74316002)(5660300001)(106116001)(33656002)(189998001); DIR:OUT; SFP:1102; SCL:1; SRVR:DM2PR21MB0089; H:DM2PR21MB0091.namprd21.prod.outlook.com; FPR:; SPF:None; MLV:ovrnspm; PTR:InfoNoRecords; LANG:en;
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 02 Mar 2017 01:02:00.9379 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM2PR21MB0089
Archived-At: <https://mailarchive.ietf.org/arch/msg/unbearable/0kIwjWOE9hZVxahmwZHyjk-GgJk>
Cc: "unbearable@ietf.org" <unbearable@ietf.org>, Leif Johansson <leifj@sunet.se>
Subject: Re: [Unbearable] WGLC 3 on core documents
X-BeenThere: unbearable@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "\"This list is for discussion of proposals for doing better than bearer tokens \(e.g. HTTP cookies, OAuth tokens etc.\) for web applications. The specific goal is chartering a WG focused on preventing security token export and replay attacks.\"" <unbearable.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/unbearable>, <mailto:unbearable-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/unbearable/>
List-Post: <mailto:unbearable@ietf.org>
List-Help: <mailto:unbearable-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/unbearable>, <mailto:unbearable-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Mar 2017 01:02:04 -0000

> As I mentioned in my review, I would also prefer to see the entire contents of the message signed.
This does not work if we want to use extensions for attestation.

> I would have thought that you would instead make the message contents dependent on the type.
The TB type is not supposed to define the format of the TB message. Its purpose is to distinguish first-party bindings from 3rd-party/federated bindings.

v2.30.2 | Report a Bug | By Email | System Status