Re: [wpkops] Taxonomy of Browser Behaviors - "Hard Fail", "Soft Fail" and "Reload Request"

Gervase Markham <gerv@mozilla.org> Wed, 30 April 2014 08:48 UTC

On 29/04/14 23:02, Wayne Thayer wrote:
> In the context of revocation, I have a different concept of the terms
> “soft fail” and “hard fail” than what you describe below. I think of
> soft fail as a scenario where a browser checks OCSP, does not receive a
> response, and proceeds as if it had received a “good” response without
> any indication to the user.
> 
> Also, I think of revocation “hard fail” as the scenario you describe
> below as “soft fail” where the browser presents a blocking error that
> the user can then choose to bypass.

...or does not allow a bypass. Both are "hard fail" - the term does not
distinguish.

As Wayne says, certainly in discussions of revocation, hard-vs-soft fail
is a very limited question of the behaviour of the browser when it does
not receive a response of any kind from the OCSP server. In soft fail,
it shows the site anyway. In hard fail, it does not.

I would advise not carrying this terminology over to other areas. It's
not very precise in other contexts.

Gerv