Re: Working Group Last Call: The Concealed HTTP Authentication Scheme

David Schinazi <dschinazi.ietf@gmail.com> Fri, 05 July 2024 21:57 UTC

From: David Schinazi <dschinazi.ietf@gmail.com>
Date: Fri, 05 Jul 2024 14:56:29 -0700
Message-ID: <CAPDSy+6g1udDJX5AUuEZ8gpLEjt0mgtf_kwOzKEVSZxjbaeZvA@mail.gmail.com>
To: Tommy Pauly <tpauly@apple.com>
Cc: Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>, David Oliver <david@guardianproject.info>, Jonathan Hoyland <jonathan.hoyland@gmail.com>
Archived-At: <https://www.w3.org/mid/CAPDSy+6g1udDJX5AUuEZ8gpLEjt0mgtf_kwOzKEVSZxjbaeZvA@mail.gmail.com>

Thank you Tommy.

I've submitted -08 to incorporate the editorial changes made during WGLC.
Diff at [1].

I looked into adding test vectors; however, for this particular spec it
would be more work and less value than usual, because of the dependency on
the TLS key exporter. Since the three independent implementations were able
to successfully interop without them, I think it best to skip them here.

David

[1]
https://author-tools.ietf.org/iddiff?url2=draft-ietf-httpbis-unprompted-auth-08

On Fri, Jun 28, 2024 at 1:20 AM Tommy Pauly <tpauly@apple.com> wrote:

> Thanks to everyone who provided feedback! We believe we have consensus to
> move forward.
>
> Authors, please submit a new version that incorporates the WGLC comments.
> Please consider including a test vector, as Martin suggested, as well.
>
> Best,
> Tommy
>
> > On Jun 11, 2024, at 8:55 PM, Mark Nottingham <mnot@mnot.net> wrote:
> >
> > Working Group participants,
> >
> > This e-mail announces Working Group Last Call for revision 07 of the following document:
> >  https://datatracker.ietf.org/doc/draft-ietf-httpbis-unprompted-auth/
> >
> > There are no outstanding issues in GitHub, and the editors indicate that they believe it is ready.
> >
> > Please review the document and raise any issues you find (preferably on GitHub, but also acceptable on-list) and indicate whether you support publication (or object to it) in response to this message.
> >
> > Working Group Last Call will end on 27 June 2024.
> >
> > Cheers,
> >
> > --
> > Mark Nottingham   https://www.mnot.net/