Re: [Wpack] About content-based origins
Martin Thomson <mt@lowentropy.net> Wed, 25 March 2020 05:06 UTC
Return-Path: <mt@lowentropy.net>
X-Original-To: wpack@ietfa.amsl.com
Delivered-To: wpack@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7BB423A08BD for <wpack@ietfa.amsl.com>; Tue, 24 Mar 2020 22:06:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lowentropy.net header.b=H7Zq9Hpm; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=lWoeA/Ku
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SxX_gV4-t7Pq for <wpack@ietfa.amsl.com>; Tue, 24 Mar 2020 22:06:34 -0700 (PDT)
Received: from wout3-smtp.messagingengine.com (wout3-smtp.messagingengine.com [64.147.123.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 323B53A0873 for <wpack@ietf.org>; Tue, 24 Mar 2020 22:06:34 -0700 (PDT)
Received: from compute2.internal (compute2.nyi.internal [10.202.2.42]) by mailout.west.internal (Postfix) with ESMTP id 1CE5A5A6; Wed, 25 Mar 2020 01:06:33 -0400 (EDT)
Received: from imap2 ([10.202.2.52]) by compute2.internal (MEProxy); Wed, 25 Mar 2020 01:06:33 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lowentropy.net; h=mime-version:message-id:in-reply-to:references:date:from:to :cc:subject:content-type; s=fm1; bh=wQxapI87YmJmZxpN8JMaEjbySbeI L8LGHn44EwP8nuQ=; b=H7Zq9HpmV6S1kq8Kn+16HnHN3yxynCsZHVzhEP4xTzAZ sC91pOfzjTKsqm6gwFCjuQD6imzncSTqR4KnFZMKrZVQKMaqYoTNkPu3EkR9C6rL 3XLYG0cPg7oRTy/AGl0rTm67Dta+vVfH2un6KMpPJgfc1X48fm7rFFmt0nyXQWwS MKfMg6lATqgjbw+e6fNXykjxOUuZtAfAypw0YsxtAFrOu5BH5DPsqKIv+GHGlfrV 6ipb8soxFW7kNrlXrATRolVKdY0PAo/wdPSPZvB7az8lS2hxi4n8LI8xgH/vZrJn UyBkcRbjDeWsV12tzs9j8VZd8Co7OiKi7itJG/jz/Q==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=wQxapI 87YmJmZxpN8JMaEjbySbeIL8LGHn44EwP8nuQ=; b=lWoeA/Kuy31dY+dviywnlO RordNexlrwrpARCnwvjAg48B+CG5CNj8IaXK9hsJScyCGy0ScljAAg/+MqRckzCu vKiHNFEcJn9gow3a/SOpZnfQHrGvEcal3fn+21c5LirwqKSZ3EAmuwrYynrTSe86 tmd1lfB80AyQOZr3Eec2jznBY21nCptDCcappvyHGjXX2fW8DzHEL3/bH4sazxIw EmW39huBT1t0upiB5CC+FiRwS1HgrW4MS/hjh9Zx51hd5EdxT4r7rkArZvkbyaHf gKtEm3LyQ4akSRYjxJUSs3QVavVKClQ8cyV8cmkJSNb4fBZ/uRlAROSj7jZxgzlA ==
X-ME-Sender: <xms:2OZ6XiynWl7XMqlAld3U1AK3uK-wVXGvfqCi0vjsH5VVIpKii5Ih2Q>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedugedrudehvddgjeeiucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefofgggkfgjfhffhffvufgtsehttd ertderredtnecuhfhrohhmpedfofgrrhhtihhnucfvhhhomhhsohhnfdcuoehmtheslhho figvnhhtrhhophihrdhnvghtqeenucffohhmrghinhepvgigrghmphhlvgdrtghomhenuc evlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehmtheslhho figvnhhtrhhophihrdhnvght
X-ME-Proxy: <xmx:2OZ6XmfKk7_hl2PdGvxlRG6rG-FapavxuX6jWZJRko28ECD9GHk_BA> <xmx:2OZ6XsZjXiXJ2ex7dVnWlAZqTpFDJaJPY78HpuZrs6RkU7a493oxtQ> <xmx:2OZ6XurFLGqvf6K_OeKcN1Z4SANlzISDgN1MhgIEM5nxtd1poH61nA> <xmx:2OZ6XgizdyqeIlEbAS1rDPGi48vgR5lzLpyCq0OH_-tC7Ex5Us_KvQ>
Received: by mailuser.nyi.internal (Postfix, from userid 501) id 56A23E00A6; Wed, 25 Mar 2020 01:06:32 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.1.7-1021-g152deaf-fmstable-20200319v1
Mime-Version: 1.0
Message-Id: <f18834ef-e914-4661-bd00-71c73242e4f1@www.fastmail.com>
In-Reply-To: <CA+9kkMANYCD6N_kxDfLJtOXj679u1+NGhfDKREMk3P75efm19g@mail.gmail.com>
References: <260dfc2f-8399-483e-859d-08f92821c823@www.fastmail.com> <CA+9kkMANYCD6N_kxDfLJtOXj679u1+NGhfDKREMk3P75efm19g@mail.gmail.com>
Date: Wed, 25 Mar 2020 16:06:13 +1100
From: Martin Thomson <mt@lowentropy.net>
To: Ted Hardie <ted.ietf@gmail.com>
Cc: wpack@ietf.org
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/wpack/LN9f-BFtUnX4Jo5XAwvCZFgMFOc>
Subject: Re: [Wpack] About content-based origins
X-BeenThere: wpack@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Web Packaging <wpack.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/wpack>, <mailto:wpack-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/wpack/>
List-Post: <mailto:wpack@ietf.org>
List-Help: <mailto:wpack-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/wpack>, <mailto:wpack-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 Mar 2020 05:06:36 -0000
On Wed, Mar 25, 2020, at 04:47, Ted Hardie wrote: > I note that you did not include "hashing is a key element of > identification" in the key concepts here, despite it being pretty > prominent in the draft. Is it something you consider fundamental here, > or is it an approach to demonstrate a method of achieving the two > desiderata above? Exemplar only. I think that signatures offer some greater flexibility, but I wanted to show how this might work without them first. > Have I missed something here? If I have not, then this approach makes a > trade-off that limits its utility in ways that make peer-to-peer usage > of the approach problematic for use cases I personally care about it. > Others, of course, may make other assessments of that trade-off. No, that's an accurate assessment. The requirement to defer attribution of information to a particular entity is part of that trade-off. In preparing slides, I think that the question of how to manage attribution is going to be an important one. I think that Jeffrey is proposing that perhaps we can attribution of the sort that people care about, without also having attribution of the sort that the web security model cares about. That might be a cool way to split this. That is, you can tell people that this is example.com, but maintain segregation and give example.com the right of refusal for the associated content and state at the point you come back online.
- [Wpack] About content-based origins Martin Thomson
- Re: [Wpack] About content-based origins Ted Hardie
- Re: [Wpack] About content-based origins Ben Schwartz
- Re: [Wpack] About content-based origins Martin Thomson
- Re: [Wpack] About content-based origins Devin Mullins
- [Wpack] Sec-Content-Origin clarification question… Ted Hardie
- Re: [Wpack] Sec-Content-Origin clarification ques… Devin Mullins
- Re: [Wpack] Sec-Content-Origin clarification ques… Jeffrey Yasskin
- [Wpack] On double-hashing (was: Re: About content… Devin Mullins
- Re: [Wpack] On double-hashing (was: Re: About con… Devin Mullins
- Re: [Wpack] On double-hashing (was: Re: About con… Martin Thomson
- Re: [Wpack] On double-hashing (was: Re: About con… Devin Mullins
- Re: [Wpack] On double-hashing (was: Re: About con… Martin Thomson
- Re: [Wpack] On double-hashing (was: Re: About con… Devin Mullins
- Re: [Wpack] On double-hashing (was: Re: About con… Martin Thomson
- Re: [Wpack] About content-based origins Martin Thomson
- Re: [Wpack] On double-hashing (was: Re: About con… Devin Mullins
- Re: [Wpack] About content-based origins Devin Mullins
- Re: [Wpack] About content-based origins Martin Thomson