Re: [websec] Session Continuation = Session Bound State?

Richard Barnes <rlb@ipv.sx> Wed, 20 March 2013 14:24 UTC

Return-Path: <rlb@ipv.sx>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7DF0721F8FCD for <websec@ietfa.amsl.com>; Wed, 20 Mar 2013 07:24:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.504
X-Spam-Level:
X-Spam-Status: No, score=-2.504 tagged_above=-999 required=5 tests=[AWL=0.472, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id M9XIIJHJ8bnw for <websec@ietfa.amsl.com>; Wed, 20 Mar 2013 07:24:16 -0700 (PDT)
Received: from mail-oa0-f48.google.com (mail-oa0-f48.google.com [209.85.219.48]) by ietfa.amsl.com (Postfix) with ESMTP id 7E55E21F8FAB for <websec@ietf.org>; Wed, 20 Mar 2013 07:24:14 -0700 (PDT)
Received: by mail-oa0-f48.google.com with SMTP id j1so1813941oag.21 for <websec@ietf.org>; Wed, 20 Mar 2013 07:24:14 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-received:x-originating-ip:in-reply-to:references :date:message-id:subject:from:to:cc:content-type:x-gm-message-state; bh=hL54/CQNeX1twVRCLZp5EKtUNLJbT+0UvUfp+EmJzTc=; b=QMovbUdoQHk6k8jVUhmVKmIer2809n+ZlqbGYCXtxKZ28JUlOCavjlbSR/rzI5Lqd6 dzTXSAjIHvCDYCpgVXR8i8LSzwtoPtZAbiNmm2HV1oF2HYe9Z9i2KEQvWc33JLfs2P6d OaKj/jlHPU1YfsNXyHu53GKJ3Lo1ITB291+U0/06mLdVGCjVxUg/rW2G4ofDFJjJQuNV 3NsT0oPzY8ZdSS3bUIv/mlV+HAHhSmY3yFTbMGXT5dwZ7WTygx6A6/NUleXEJ0Ml09xc Ntwa708ir4mTIBcJ3NQbZu8q36wUtbPH9BYszw9U25Zx0mm8tjXsZ8fkCgrHvfwvkcfJ J1Qw==
MIME-Version: 1.0
X-Received: by 10.60.170.140 with SMTP id am12mr4061324oec.125.1363789453967; Wed, 20 Mar 2013 07:24:13 -0700 (PDT)
Received: by 10.60.40.233 with HTTP; Wed, 20 Mar 2013 07:24:13 -0700 (PDT)
X-Originating-IP: [192.1.51.16]
In-Reply-To: <CAK3OfOivpTzy4fe9_SQU1aYRR1fQJdKmc7Pin7-kSa8JQ41Dcg@mail.gmail.com>
References: <CAMm+Lwge7VBNWvWG01UN4j9=1nB+b8prusSVxgOpOcNLbZT8Sg@mail.gmail.com> <D771EC64-65A1-4EE1-A511-3FE750257E71@checkpoint.com> <CAK3OfOivpTzy4fe9_SQU1aYRR1fQJdKmc7Pin7-kSa8JQ41Dcg@mail.gmail.com>
Date: Wed, 20 Mar 2013 10:24:13 -0400
Message-ID: <CAL02cgTHbCPHfx=XLtnwpymx-nBpH8K=aZiSxsRWPX6xKk3RxQ@mail.gmail.com>
From: Richard Barnes <rlb@ipv.sx>
To: Nico Williams <nico@cryptonector.com>
Content-Type: multipart/alternative; boundary=bcaec54b4812f429af04d85bf92d
X-Gm-Message-State: ALoCoQmyGnuEAQ47MAVr0yqtXSByNdm3gLRHcHgMzlljDzi/55RAYRTk7WN/2jgxe0mjsKBaoplK
Cc: websec <websec@ietf.org>
Subject: Re: [websec] Session Continuation = Session Bound State?
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Mar 2013 14:24:17 -0000

Adam Barth proposed "cake" a little while back.
<http://tools.ietf.org/html/draft-abarth-cake-01>




On Tue, Mar 19, 2013 at 11:21 AM, Nico Williams <nico@cryptonector.com>wrote;wrote:

> On Mon, Mar 18, 2013 at 7:14 AM, Yoav Nir <ynir@checkpoint.com> wrote:
> > I'm kind of partial to "session management"
>
> I am too, but am afraid that that can lead to confusion, since we're
> only dealing with establishment, use, and synchronous destruction of
> sessions, not any other aspect of session management (e.g., listing
> active sessions, administrative session destruction, setting of
> session parameter negotiation parameters, ...).
>
> I've liked both terms Phillip has proposed so far: Session Continuation,
> and:
>
> >> How about Session Bound State as the term of art?
>
> I'd also be happy with:  Session Layer.  (And: Cookie Slayer, and any
> other punny names we might think of :)
>
> Nico
> --
> _______________________________________________
> websec mailing list
> websec@ietf.org
> https://www.ietf.org/mailman/listinfo/websec
>