Re: [Wpack] WPACK BoF Notes
Patrick McManus <mcmanus@ducksong.com> Sun, 17 November 2019 15:31 UTC
Return-Path: <mcmanus@ducksong.com>
X-Original-To: wpack@ietfa.amsl.com
Delivered-To: wpack@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B44D1120111 for <wpack@ietfa.amsl.com>; Sun, 17 Nov 2019 07:31:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ducksong.com header.b=r1JxEDYo; dkim=pass (2048-bit key) header.d=outbound.mailhop.org header.b=eFyrn5rw
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9wZHbOMgvfcX for <wpack@ietfa.amsl.com>; Sun, 17 Nov 2019 07:31:42 -0800 (PST)
Received: from outbound1b.ore.mailhop.org (outbound1b.ore.mailhop.org [54.200.247.200]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9EFF112006D for <wpack@ietf.org>; Sun, 17 Nov 2019 07:31:42 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1574004701; cv=none; d=outbound.mailhop.org; s=arc-outbound20181012; b=ubzLcS+NO5MsmqtBl7YhC0gw5iGZ3VPkci/iZVkYN1P6dcUmOi8ITO4itygfySCpEsHrIoOGztxxW XQ9XB6kxhJjnwRb45jfQt6mw2l2GPXEs8MVZTHPT/orx3sKUFa0Y1ljp0zhSwW0jjhMurnAxwTsPbb DPdH1uhyPciNEOs4zSx/ruLo1VZBEl50uVvRcNHwGdCswIG28yg92WjGuAiYFVgLeTZTBAB6IRnb5X ksO8wnkR0r5yIDPlDHuiDfXECHiUA4YmPTZBuYRt+G+up22sfalr1Z9XwFkRYRPh/DOGycMkCVJB72 bnJMlXthrktB/dUmz6q0+fUYz52CHbg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=outbound.mailhop.org; s=arc-outbound20181012; h=content-type:cc:to:subject:message-id:date:from:in-reply-to:references: mime-version:dkim-signature:dkim-signature:from; bh=Yk5Z8dgXeBglHRYgM0mYACz05xJdVBazGjUnbRbMOsY=; b=RNaatatGiD03R7QQmq/XF5tiP6zJE+Zamv0prwgJqD7+1XRFNZFUN/lvbTZmqsxD6YsWgJE40uffn i60qhsG++vED9GN9iU9ZOELM+lsFBEldIKa8Ob/fExYEbVRnVAYj+QClXvkmQCeXWJrPnFa1/mMBj2 np4NIwU0m0Gmo2FYlqkpoXU7xVBq3TUYd8dqNCz8pxrR4aPUOyB9bnvhKLbSuoEpsrqe+Pm7Yw3N8b zG6qP9e6MUgvKbgkA6TuWb4xaBE5VaO4w2KbDhPLGE3eDV8C5qyvveJ/Hzj1u+fQVZ5lJzsuIDQjLT 3RnZzvcqihLUf3lsY1TRIfO7Bb2YJMQ==
ARC-Authentication-Results: i=1; outbound3.ore.mailhop.org; spf=pass smtp.mailfrom=ducksong.com smtp.remote-ip=209.85.167.182; dmarc=none header.from=ducksong.com; arc=none header.oldest-pass=0;
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ducksong.com; s=duo-1537391512170-ea99bbb3; h=content-type:cc:to:subject:message-id:date:from:in-reply-to:references: mime-version:from; bh=Yk5Z8dgXeBglHRYgM0mYACz05xJdVBazGjUnbRbMOsY=; b=r1JxEDYo+m8vDmShaQ/bmMqtUfSLorTYv0qqw71QrGbSN6uZhY4jwE3mXiPYfiOOAAPYBmcpNC5Sv yv3NAav1bfnOvkSHe1vOLnVJcEVU4Qtxhy9TbVAAikJOwcvEjuXkRzB49/1s6TZ/x7+kkkmppm1aA4 vnR736lE5UWwRyso=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outbound.mailhop.org; s=dkim-high; h=content-type:cc:to:subject:message-id:date:from:in-reply-to:references: mime-version:from; bh=Yk5Z8dgXeBglHRYgM0mYACz05xJdVBazGjUnbRbMOsY=; b=eFyrn5rwtx7UaU165dXwuSNkVJtODu3Oeg2xywnT51XmTdREoKArFInS3GsgT8d3AfexveseIyA6l tYfBv/ly7U0sO/Sh496HoTSzV5OAwgcqpBFA34+OrC4wgGXotSPfg+2H30r1z4VJCHKEMK0i2wavAS y10ndJrCp8CQNdKT4aX4FGm/c1dmBD1qX7SJTxVeSGwGxaNAz4cYxY5xc+wgYPmK5iBDWMsyELoiEa Qs7YyEd3cWDFgdJK5w4QT5dVf9AtNuyjUqFSY7PKbwYjVWlNa1XlUpB4KHQRnS6/TjxHnd2Mtc95Hj eB9P9DQ3DVeWbJZRluxFUbTSWdF3J7A==
X-MHO-RoutePath: bWNtYW51cw==
X-MHO-User: 587999ae-094f-11ea-b80c-052b4a66b6b2
X-Report-Abuse-To: https://support.duocircle.com/support/solutions/articles/5000540958-duocircle-standard-smtp-abuse-information
X-Originating-IP: 209.85.167.182
X-Mail-Handler: DuoCircle Outbound SMTP
Received: from mail-oi1-f182.google.com (unknown [209.85.167.182]) by outbound3.ore.mailhop.org (Halon) with ESMTPSA id 587999ae-094f-11ea-b80c-052b4a66b6b2; Sun, 17 Nov 2019 15:31:39 +0000 (UTC)
Received: by mail-oi1-f182.google.com with SMTP id y194so13031987oie.4 for <wpack@ietf.org>; Sun, 17 Nov 2019 07:31:38 -0800 (PST)
X-Gm-Message-State: APjAAAW0SweeV2MtUmOPwJugYGkth4IMXuPqqRkW0nTcqfy190N78Gaw EtYLNRH4FJkUIdQ6k26OjSZCHrIBmJGfwI0llqQ=
X-Google-Smtp-Source: APXvYqy0J3oEk+vwcbMUMSTbY354EkEROLmoG92XKv6c6Fx1GjXrra+MEnAG2wNG/B9k2GGDdHw+3Lm+E9GPQhhHcBk=
X-Received: by 2002:aca:b105:: with SMTP id a5mr16664593oif.82.1574004697670; Sun, 17 Nov 2019 07:31:37 -0800 (PST)
MIME-Version: 1.0
References: <CAOdDvNrFOYNr+Y+orfKnVW4Wi+h-XwTFx089N_dpnFuLQ08Ftg@mail.gmail.com>
In-Reply-To: <CAOdDvNrFOYNr+Y+orfKnVW4Wi+h-XwTFx089N_dpnFuLQ08Ftg@mail.gmail.com>
From: Patrick McManus <mcmanus@ducksong.com>
Date: Sun, 17 Nov 2019 23:31:26 +0800
X-Gmail-Original-Message-ID: <CAOdDvNr1GwEpExuU3iAEOoRX4bFD=CSUKk1sMyyi6ES+cF853g@mail.gmail.com>
Message-ID: <CAOdDvNr1GwEpExuU3iAEOoRX4bFD=CSUKk1sMyyi6ES+cF853g@mail.gmail.com>
To: Patrick McManus <mcmanus@ducksong.com>
Cc: wpack@ietf.org
Content-Type: multipart/alternative; boundary="000000000000e12c9605978c86cd"
Archived-At: <https://mailarchive.ietf.org/arch/msg/wpack/or6kl1vkGVB4QZyxy9peKvDv1-c>
Subject: Re: [Wpack] WPACK BoF Notes
X-BeenThere: wpack@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Web Packaging <wpack.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/wpack>, <mailto:wpack-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/wpack/>
List-Post: <mailto:wpack@ietf.org>
List-Help: <mailto:wpack-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/wpack>, <mailto:wpack-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 17 Nov 2019 15:31:46 -0000
This is the WPACK proposed charter text, also available at https://github.com/WICG/webpackage/blob/0b0a67a71c983b9dc91f89edf8ebb2a5758568b3/IETF-WG-charter.md -Patrick Background Webpages sometimes group multiple subresources into a single combined resource to allow cross-resource compression and to reduce the overhead of HTTP/1 requests. The W3C TAG (Technical Architecture Group) proposed a web packaging format based on multipart/* , to give web browsers visibility into the substructure of these combined resources. That has not seen deployment and HTTP/2 did not make these bundles unnecessary as was once expected. These bundles are still needed. In countries with expensive and/or unreliable mobile data, there is an established practice of sharing content and native applications peer-to-peer. Untrusted web content can generally be shared, but with the web's move to HTTPS, it is no longer possible to share web apps over these channels <https://github.com/WICG/webpackage/blob/0b0a67a71c983b9dc91f89edf8ebb2a5758568b3/IETF-WG-charter.md#wpack> WPACK The WPACK working group will develop a specification for a web packaging format that efficiently bundles multiple HTTP resources. It will also specify a way to optionally sign these resources such that a user agent can trust that they came from their claimed web origins. Key goals for WPACK are: - Efficient storage across a range of resource combinations. Three examples to be supported are: a client-generated snapshot of a complete web page, a web page's tree of JavaScript modules, and El Paquete Semanal from Cuba. - Safe web app installation after having been retrieved from a peer. - Low latency to load a subresource from a package, whether the package is signed or unsigned, and whether the package is streamed or loaded from random-access storage. - Being extensible, including to avoid cryptography that becomes obsolete. - Security and privacy properties of using bundles as close as practical to TLS 1.3 transport of the same resources. Where properties do change, the group will document exactly what changed and how content authors can compensate. - A low likelihood that the new format increases centralization or power imbalances on the web. The packaging format will also aim to achieve the secondary goals described in draft-yasskin-wpack-use-cases as long as they don't compromise or delay the above properties. The following potential goals are out of scope under this charter: - DRM - A way to distribute the private portions of a website. For example, WPACK might define a way to distribute Gmail's application but wouldn't define a way to distribute individual emails without a direct connection to Gmail's origin server. - Defining the details of how web browsers load the formats and interact with any protocols we define here. - A way to automatically discover the URL for an accessible package that includes specific content. Note that consensus is required both for changes to the current protocol mechanisms and retention of current mechanisms. In particular, because something is in the initial document set (consisting of draft-yasskin-wpack-use-cases, draft-yasskin-wpack-bundled-exchanges, and draft-yasskin-http-origin-signed-responses) does not imply that there is consensus around the feature or around how it is specified. <https://github.com/WICG/webpackage/blob/0b0a67a71c983b9dc91f89edf8ebb2a5758568b3/IETF-WG-charter.md#relationship-to-other-wgs-and-sdos>Relationship to Other WGs and SDOs WPACK will work with the W3C and WHATWG to identify the existing security and privacy models for the web, and to ensure those SDOs can define how this format is used by web browsers. <https://github.com/WICG/webpackage/blob/0b0a67a71c983b9dc91f89edf8ebb2a5758568b3/IETF-WG-charter.md#milestones> Milestones - Chartering + 3 Months: Working group adoption of use cases document - Chartering + 3 Months: Working group adoption of bundling document - Chartering + 3 Months: Working group adoption of security analysis document - Chartering + 3 Months: Working group adoption of privacy analysis document - Chartering + 3 Months: Working group adoption of signing document - Chartering + 18 Months: Use cases document to IESG - Chartering + 18 Months: Bundling document to IESG - Chartering + 24 Months: Security analysis document to IESG - Chartering + 24 Months: Privacy analysis document to IESG - Chartering + 24 Months: Signing document to IESG On Sun, Nov 17, 2019 at 11:28 PM Patrick McManus <mcmanus@ducksong.com> wrote: > Hi All, > > I have few notes to share with the list in the role of chair for > Wednesday's BoF.. > > The proponents have updated their proposed charter a little bit. As this > is a potentially WG forming BoF we'll be talking about that proposal > extensively - it is located here as part of the meeting materials: > https://datatracker.ietf.org/meeting/106/materials/slides-106-wpack-proposed-charter-00-01 .and > I will reply to this message with a copy of it to seed any discussion > beforehand. Feel free to comment on the list ahead of time if you like - > there are fewer time constraints on the list of course. > > Likewise, several of the presentations have been posted (3 of 5 I believe) > and I expect the others to be available on Monday. The meeting materials in > general, including these slides, are > https://datatracker.ietf.org/meeting/106/session/wpack > > Before the meeting please make sure to read > https://tools.ietf.org/html/draft-iab-escape-report-00 which is the > report from the IAB Workshop on Exploring Synergy between Content > Aggregation and the Publisher Ecosystem (ESCAPE). > > Our agenda, as of this time, is below. I look forward to our meeting on > Wednesday - see .you then! > > -Patrick > > # Overview > > * IETF 106 - WPACK (Web Packaging) BoF > * 15:20 - 16:50 Wednesday Afternoon session II Room Collyer > > * Minutes: https://etherpad.ietf.org/p/notes-ietf-106-wpack?useMonospaceFont=true > * BoF Proposal: https://trac.tools.ietf.org/bof/trac/wiki/WPACK > * BoF Proposed Charter: https://github.com/WICG/webpackage/blob/master/IETF-WG-charter.md > * Mailing List Archive: https://mailarchive.ietf.org/arch/browse/wpack/ > * Related Background: IAB ESCAPE Workshop report https://datatracker.ietf.org/doc/draft-iab-escape-report/ > > # Agenda > > * 5min Introduction -- Chair > > ## Background Presentations: > * 5min Community Networking Use Cases -- Spencer Sevilla and Matt Johnson > * 5min Pre-installed Websites Use Cases-- Brian Kardell (remotely) > * 5min AMP Use Cases -- Devin Mullins > * 5min Unsigned Bundle Sharing Use Cases -- Kinuko Yasuda (maybe remotely) > > ## Looking Forward > > * 10min Use Case Discussion > > * 10min Proposed Approach -- Jeffrey Yasskin > > * 10min General Clarification and Discussion > > * 20min Charter Review and Discussion > > * 15min BoF Polls -- Chair > > >
- [Wpack] WPACK BoF Notes Patrick McManus
- Re: [Wpack] WPACK BoF Notes Patrick McManus
- [Wpack] Charter proposal Phillip Hallam-Baker