Re: [Webpush] Kathleen Moriarty's No Objection on draft-ietf-webpush-protocol-11: (with COMMENT)
Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Thu, 13 October 2016 14:09 UTC
Return-Path: <kathleen.moriarty.ietf@gmail.com>
X-Original-To: webpush@ietfa.amsl.com
Delivered-To: webpush@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1638D1298D6; Thu, 13 Oct 2016 07:09:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kbUUsGDh1tLL; Thu, 13 Oct 2016 07:09:13 -0700 (PDT)
Received: from mail-vk0-x236.google.com (mail-vk0-x236.google.com [IPv6:2607:f8b0:400c:c05::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8DDEE1294EB; Thu, 13 Oct 2016 07:09:12 -0700 (PDT)
Received: by mail-vk0-x236.google.com with SMTP id 2so79124006vkb.3; Thu, 13 Oct 2016 07:09:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=RkLs+jRM31zok4RKWKviL+8vouW3gMnDbOsrjybfRX0=; b=kBnoWUz/6TSCCBSgpSpo2ebchDPnFoFKiRbP3Abm6VE9PejKMVpRPyhoyABHzcURgY q7PmqnxnyG4lu5PaMjQIzZAkVng901doEE1HXK/Yv7j7LG2dk/lQevORQQFz+PQSUMk6 FjTZeKxoOmg3WNpLWf4x95A4Tw7mii5fxPsf9YcjQSErV2H2lxKO4gdCR7E1rscif3RQ FxtOL6C28PWhjPhHMsJ4J19sn7axFJGEpeAk8Rut83BtqprzkuZsNmdePehYAmH6i23E p6GrDNBp/pGcwHQRNVFKelYChc6dFlvlRn7Erm1O7Ze0A5DWWUfLgXDpiy3CC6dYOZWO Nulg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=RkLs+jRM31zok4RKWKviL+8vouW3gMnDbOsrjybfRX0=; b=DCVv+mObqFbPeLoi0bpYLGD5CngP5FVI1R8kUF71Z4qeBWLDwlAgsT/5RsOXQkredO TjG8GyxfRWVJJJT0qgdidgjficUKRaQvOy4P9NsY3hQ7BoJYqGMFURmULgptMFJvZYMn mA/jwS//Ceyaqdrn+4WluWercS50M4eeins+BcjQ996gxCcj3iJN1+ZiJ2TDitCtixTF rFlqM964+5/9ImSFNsQEkWAjPSJakM0zLM4uZ8jAsRNAoGDnbsbCtaJvEW3GWR6rtMYc fT4PmGNqetKSt8Pahs6WQ/1b+1+N6Pn9U6DJQzMKvDvFEcydj7KN2CKEMlmJjY1RGK1l wXHA==
X-Gm-Message-State: AA6/9Rm2Ck6hF8/wPnF5itxvc/ykJkXzfWbg0uwvqt6Ykhl4T2bIq1QnAsytkfGbJdnV7nHeyszMSLCXckpsAA==
X-Received: by 10.31.215.67 with SMTP id o64mr4552559vkg.92.1476367742126; Thu, 13 Oct 2016 07:09:02 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.176.82.68 with HTTP; Thu, 13 Oct 2016 07:09:01 -0700 (PDT)
In-Reply-To: <CY1PR03MB2380B6C5D937DCAE0E725ED983DC0@CY1PR03MB2380.namprd03.prod.outlook.com>
References: <147629678445.6285.5038003546245862234.idtracker@ietfa.amsl.com> <CY1PR03MB23809509AFCB9DBB5B66900083DC0@CY1PR03MB2380.namprd03.prod.outlook.com> <EB148FDB-4AB6-41D1-B2B2-2E6E8632EAE2@gmail.com> <CY1PR03MB2380B6C5D937DCAE0E725ED983DC0@CY1PR03MB2380.namprd03.prod.outlook.com>
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Date: Thu, 13 Oct 2016 10:09:01 -0400
Message-ID: <CAHbuEH6PTr2J4LfCPEResX6N_B2UxY2CSwEyXmjsTdsCkaL6Eg@mail.gmail.com>
To: Brian Raymor <Brian.Raymor@microsoft.com>
Content-Type: multipart/alternative; boundary="94eb2c07c972d3d4f4053ebfa619"
Archived-At: <https://mailarchive.ietf.org/arch/msg/webpush/kbIe7N5mbGOCAkbMz64gIxAS_6g>
Cc: "draft-ietf-webpush-protocol@ietf.org" <draft-ietf-webpush-protocol@ietf.org>, Shida Schubert <shida@ntt-at.com>, "webpush-chairs@ietf.org" <webpush-chairs@ietf.org>, The IESG <iesg@ietf.org>, "webpush@ietf.org" <webpush@ietf.org>
Subject: Re: [Webpush] Kathleen Moriarty's No Objection on draft-ietf-webpush-protocol-11: (with COMMENT)
X-BeenThere: webpush@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Discussion of potential IETF work on a web push protocol <webpush.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/webpush>, <mailto:webpush-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/webpush/>
List-Post: <mailto:webpush@ietf.org>
List-Help: <mailto:webpush-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/webpush>, <mailto:webpush-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Oct 2016 14:09:18 -0000
On Thu, Oct 13, 2016 at 12:04 AM, Brian Raymor <Brian.Raymor@microsoft.com> wrote: > Done. > > Thank you! > -----Original Message----- > From: kathleen.moriarty.ietf@gmail.com [mailto:kathleen.moriarty. > ietf@gmail.com] > Sent: Wednesday, October 12, 2016 6:52 PM > To: Brian Raymor <Brian.Raymor@microsoft.com> > Cc: The IESG <iesg@ietf.org>; draft-ietf-webpush-protocol@ietf.org; Shida > Schubert <shida@ntt-at.com>; webpush-chairs@ietf.org; webpush@ietf.org > Subject: Re: Kathleen Moriarty's No Objection on > draft-ietf-webpush-protocol-11: (with COMMENT) > > > > Please excuse typos, sent from handheld device > > > On Oct 12, 2016, at 9:09 PM, Brian Raymor <Brian.Raymor@microsoft.com> > wrote: > > > > > >> The only thing I might add is a note on the varying levels of security > >> offered by the HTTP authentication methods, which are documented in > their > >> RFCs. Adding just that point to the following (phrased however you'd > >> like) would be helpful: > >> A push service MAY > >> choose to authorize requests based on any HTTP-compatible > >> authorization method available, of which there are numerous options. > > > >> The somewhat recent updates to Basic & Digest do a really great job at > >> saying how awful they are and there are some experimental options that > >> offer some promise now. > > > > Proposed text - https://github.com/webpush-wg/webpush-protocol/pull/139/ > files > > Thanks for the quick update. I would just say 'with varying levels of > security.' The security considerations sections for each of the methods > available for HTTP are included in the RFCs for each. > > Thank you, > Kathleen > > > > > > > -- Best regards, Kathleen
- [Webpush] Kathleen Moriarty's No Objection on dra… Kathleen Moriarty
- Re: [Webpush] Kathleen Moriarty's No Objection on… Brian Raymor
- Re: [Webpush] Kathleen Moriarty's No Objection on… kathleen.moriarty.ietf
- Re: [Webpush] Kathleen Moriarty's No Objection on… Brian Raymor
- Re: [Webpush] Kathleen Moriarty's No Objection on… Kathleen Moriarty