Remaining lifetime | Re: draft-ietf-httpbis-http2-encryption-06.txt

Kari Hurtta <hurtta-ietf@elmme-mailer.org>: (Wed Jun 22 19:36:14 2016)
> Opportunistic Security for HTTP
> https://tools.ietf.org/html/draft-ietf-httpbis-http2-encryption-06
> 
> 
> https://tools.ietf.org/html/draft-ietf-httpbis-http2-encryption-06#section-5.1
> 
> |   When the value of the "tls-commit" member is "true" ([RFC7159],
> |   Section 3), it indicates that the origin makes such a commitment for
> |   the duration of the origin object lifetime.
> 
> |   Including "tls-commit" creates a commitment to provide a secured
> |   alternative service for the advertised period.  Clients that receive
> |   this commitment can assume that a secured alternative service will be
> |   available for the origin object lifetime.  Clients might however
> |   choose to limit this time (see Section 5.3).
> 
> https://tools.ietf.org/html/draft-ietf-httpbis-http2-encryption-06#section-6
> 
> |   o  The origin object has a "lifetime" member, whose value is a number
> |      indicating the number of seconds which the origin object is valid
> |      for (hereafter, the "origin object lifetime"), and
> |
> |   o  The origin object lifetime is greater than the "current_age" (as
> |      per [RFC7234], Section 4.2.3).
> 
> I think that this does not say when the origin object lifetime starts.
> This seems to imply that the object lifetime starts from the point that the
> "current_age" calculation uses, but that is not required.
> 
> Therefore I guess that remaining lifetime (and possible remaining commitment)
> 
>    = lifetime - "current_age"
> 
> 
> But it seems that remaining commitment time
>     = value of "lifetime"
> 
> is also a possible reading.  This does not look dangerous.

Perhaps add somewhere:

  The remaining lifetime of the origin object is the origin object
  lifetime minus the "current_age" of the response. This is also the
  remaining duration of the opportunistic commitment ("tls-commit").

Or something like that?

/ Kari Hurtta

Received on Monday, 4 July 2016 16:05:22 UTC
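
The two readings discussed in this message, worked through as an added example (not part of the original message or of the draft). `current_age` follows RFC 7234, Section 4.2.3; the `StoredResponse` fields, the function names, the dict form of the origin object and the sample timestamps are constructed for illustration.

```python
from dataclasses import dataclass


@dataclass
class StoredResponse:
    """Timing data a client keeps for the response carrying the origin object."""
    date_value: float     # Date header, seconds since epoch
    age_value: float      # Age header, 0 if absent
    request_time: float   # local clock when the request was sent
    response_time: float  # local clock when the response arrived


def current_age(r: StoredResponse, now: float) -> float:
    """current_age as defined in RFC 7234, Section 4.2.3."""
    apparent_age = max(0.0, r.response_time - r.date_value)
    response_delay = r.response_time - r.request_time
    corrected_age_value = r.age_value + response_delay
    corrected_initial_age = max(apparent_age, corrected_age_value)
    resident_time = now - r.response_time
    return corrected_initial_age + resident_time


def remaining_lifetime(lifetime: float, r: StoredResponse, now: float) -> float:
    """Reading 1: lifetime minus current_age, floored at zero."""
    return max(0.0, lifetime - current_age(r, now))


def remaining_from_receipt(lifetime: float, r: StoredResponse, now: float) -> float:
    """Reading 2: the full "lifetime" value counts from local receipt."""
    return max(0.0, lifetime - (now - r.response_time))


def commitment_active(origin_object: dict, r: StoredResponse, now: float) -> bool:
    """tls-commit applies only while lifetime is greater than current_age."""
    return (origin_object.get("tls-commit") is True
            and origin_object["lifetime"] > current_age(r, now))


# Constructed sample: response delivered by an intermediary cache with Age: 3600.
T0 = 1_466_600_000.0
SAMPLE = StoredResponse(date_value=T0 - 3600, age_value=3600,
                        request_time=T0, response_time=T0 + 2)
ORIGIN = {"tls-commit": True, "lifetime": 86400}

if __name__ == "__main__":
    now = T0 + 2 + 600  # ten minutes after receipt
    print(remaining_lifetime(ORIGIN["lifetime"], SAMPLE, now))
    print(remaining_from_receipt(ORIGIN["lifetime"], SAMPLE, now))
```

With a response that was already an hour old on arrival, the two readings differ by the corrected initial age, so a client using the second reading would keep honouring the commitment after the first reading has expired it.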