Re: [TLS] Fwd: New Version Notification for draft-thomson-http-replay-00.txt

• From: Kazuho Oku <kazuhooku@gmail.com>
• Date: Mon, 26 Jun 2017 16:03:24 +0900
• To: Martin Thomson <martin.thomson@gmail.com>
• Cc: "tls@ietf.org" <tls@ietf.org>, HTTP Working Group <ietf-http-wg@w3.org>
• Message-ID: <CANatvzx8rPPQ-gpPyYAPuvZ4NBFxwSZZHVTEOuAbU0hbAG1Wwg@mail.gmail.com>

Hi,

Thank you for working on the I-D.

This is a must-have and I am looking forward to seeing it
standardized. H2O will implement this specification.

One question: is the name `early-data` a good choice?

The reason I raise the concern is because what the header suggest is
if the endpoint has not yet seen a proof (i.e. ClientFinished). The
name "early-data" might be confusing since it may seem to imply _when_
the request has been received rather than the current state of the
connection.

Other than that I the draft looks good to me.


2017-06-22 16:32 GMT+09:00 Martin Thomson <martin.thomson@gmail.com>:
> FYI,
>
> Mark, Willy, and I have put together a draft that describes how HTTP
> works with early data (or 0-RTT).
>
> The main thing of interest is the technique we recommend for avoiding
> exposure to replays, particularly given that HTTP is often
> intermediated.
>
> If you have specific comments about the draft, I'd appreciate it if
> you could take those to the HTTP working group
> <mailto:ietf-http-wg@w3.org>.  Of course, you should feel free to
> start another massive thread about the various ways in which you think
> early data represents the beginning of the end for modern
> civilization.  That seems to be the usual reaction to this sort of
> email.
>
> --Martin
>
> ---------- Forwarded message ----------
> From:  <internet-drafts@ietf.org>
> Date: 22 June 2017 at 16:50
> Subject: New Version Notification for draft-thomson-http-replay-00.txt
>
> Name:           draft-thomson-http-replay
> Revision:       00
> Title:          Using Early Data in HTTP
> Document date:  2017-06-22
> Group:          Individual Submission
> Pages:          9
> URL:
> https://www.ietf.org/internet-drafts/draft-thomson-http-replay-00.txt
> Status:         https://datatracker.ietf.org/doc/draft-thomson-http-replay/
> Htmlized:       https://tools.ietf.org/html/draft-thomson-http-replay-00
> Htmlized:
> https://datatracker.ietf.org/doc/html/draft-thomson-http-replay-00
>
>
> Abstract:
>    This document explains the risks of using early data for HTTP and
>    describes techniques for reducing them.  In particular, it defines a
>    mechanism that enables clients to communicate with servers about
>    early data, to assure correct operation.
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls



-- 
Kazuho Oku

Received on Monday, 26 June 2017 07:03:57 UTC