Re: Alt-Svc WGLC

Got it. (I don't like the language in the proposed change, but I don't
think my misunderstanding is necessarily reflective of ambiguity, more
of my thinking this was from a different section of the draft,
drastically changing the context in my mind.)

>From host_security, the issue seems to be:

 * If strong authentication is not used, then the origin and the
alternative service host must be the same
 * If strong authentication *is* used, then the host for the
alternative service must authenticate itself as the origin

Is the language in the second bullet point both precise enough to
limit the alt-svc hosts to what we mean, but broad enough to encompass
existing authentication schemes? If so, then maybe something like:

"Clients MUST NOT use unauthenticated alternative services with a host
that is different from the origin or authenticated alternative
services with a host that does not authenticate itself as the origin."

It has to be somewhat imprecise (what does it mean to "authenticate
itself as the origin"?) to be broadly applicable.

Kyle

On Mon, Jan 11, 2016 at 6:43 PM, Martin Thomson
<martin.thomson@gmail.com> wrote:
> On 12 January 2016 at 03:05, Kyle Rose <krose@krose.org> wrote:
>> How about "Clients MUST NOT use an alternative service with a host
>> that is different from the origin's without strong server
>> authentication of the alternative service declaration"?
>
> That changes the intent.  The server that is ultimately contacted
> (after all the alt-svc shenannigans) MUST be authoritative for the
> origin of the resources that it serves.
>
> Yes, we want to authenticate the alt-svc declaration, but that isn't
> actually a necessary precondition on getting what we really want: an
> authority for the resource itself.

Received on Tuesday, 12 January 2016 00:50:16 UTC