Re: [Uri-review] URI Scheme "ves:"

Jim Zubov <jz@vesvault.com> Sat, 18 December 2021 19:15 UTC

To: Tim Bray <tbray@textuality.com>
Cc: uri-review@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/uri-review/nqT60ynNnKqhyHEsx65YaZiGuXc>

Thanks for the comments -

On 12/18/2021 1:15 PM, Tim Bray wrote:
> - Should you also register content-types for these things?

In fact there's already one registered - application/vnd.ves.encrypted

This is not a type a VES URI is pointing to, but rather encrypted content 
stored by external means; the item encryption key for this content is 
identified by a VaultItem VES URI. There are no specific content types 
for objects identified by VES URIs, because those are handled by libVES 
or an equivalent tool, and are communicated in an e2ee form with the low 
level VES REST API as JSON objects.


> - Assuming you do, one wonders why you couldn't use regular old https 
> URLs, if these things are located on a DNS-addressable server.
>
The API server is DNS addressable, it's api.ves.host; however, I see a 
few reasons not to use an http URI -

- There are forms of VES URI that use an implicit app domain, which 
comes from the current context of libVES, or other VES API tool. An http 
uri wouldn't have the means to use the current context;

- I purposely specified some permitted violations of URI syntax that VES 
URI should tolerate, because it simplifies interactions between the 
client software and libVES, without causing any ambiguity;

- The ability to decrypt the object identified by VES URI, and even the 
ability to access the encrypted content and metadata, depends on the 
current context of libVES. Again, a stateless http uri wouldn't be good 
for it.


> On Fri, Dec 17, 2021 at 11:06 PM Jim Zubov <jz@vesvault.com> wrote:
>
>     Please consider the following provisional URI scheme for registration,
>     any comments are welcome:
>
>         Scheme name:
>           ves
>
>         Status:
>           Provisional
>
>         Applications/protocols that use this scheme name:
>           A unique identifier of an end-to-end encrypted object stored
>           in VES Repository (https://ves.host/docs/repo).
>           The passphrases that unlock the VES keychains are managed
>           locally on the user devices by VESvault (https://vesvault.com),
>           applications can use open source libVES or an equivalent tool
>           to access VES Repository.
>
>         Contact:
>           Jim Zubov <jz@vesvault.com> VESvault Corp
>
>         Change controller:
>           Jim Zubov <jz@vesvault.com> VESvault Corp
>
>         References:
>           https://ves.host/assets/download/VES%20URI%20Scheme.pdf
>           https://ves.host/docs/repo
>           https://vesvault.com