I-D Action: draft-ietf-httpbis-unprompted-auth-08.txt

internet-drafts@ietf.org Fri, 05 July 2024 21:56 UTC

From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
Cc: ietf-http-wg@w3.org

Internet-Draft draft-ietf-httpbis-unprompted-auth-08.txt is now available. It
is a work item of the HTTP (HTTPBIS) WG of the IETF.

   Title:   The Concealed HTTP Authentication Scheme
   Authors: David Schinazi
            David M. Oliver
            Jonathan Hoyland
   Name:    draft-ietf-httpbis-unprompted-auth-08.txt
   Pages:   16
   Dates:   2024-07-05

Abstract:

   Most HTTP authentication schemes are probeable in the sense that it
   is possible for an unauthenticated client to probe whether an origin
   serves resources that require authentication.  It is possible for an
   origin to hide the fact that it requires authentication by not
   generating Unauthorized status codes, however that only works with
   non-cryptographic authentication schemes: cryptographic signatures
   require a fresh nonce to be signed.  At the time of writing, there
   was no existing way for the origin to share such a nonce without
   exposing the fact that it serves resources that require
   authentication.  This document proposes a new non-probeable
   cryptographic authentication scheme.

The IETF datatracker status page for this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-httpbis-unprompted-auth/

There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-ietf-httpbis-unprompted-auth-08.html

A diff from the previous version is available at:
https://author-tools.ietf.org/iddiff?url2=draft-ietf-httpbis-unprompted-auth-08

Internet-Drafts are also available by rsync at:
rsync.ietf.org::internet-drafts