- From: Jeffrey Yasskin <jyasskin@chromium.org>
- Date: Wed, 14 Mar 2018 23:14:52 +0000
- To: HTTP Working Group <ietf-http-wg@w3.org>
- Message-ID: <CANh-dX=L0mKGccPv3gnVithPVTcz9ntqzUXJbOfzAYkMnJP4cA@mail.gmail.com>
The pretty version of this draft is at https://wicg.github.io/webpackage/draft-yasskin-http-origin-signed-responses.html .

I've tried to address Ekr's concerns from https://lists.w3.org/Archives/Public/ietf-http-wg/2018JanMar/0077.html, which turned out to be less about privacy implications, and more about attackers' ability to replay content to victim clients. The new draft blocks certain headers and gives guidelines to signers about how to systematically avoid mistakes. I'm looking for feedback about whether I've picked the right set of headers and guidelines, and if these are sufficient.

I did not address Martin's concerns from https://lists.w3.org/Archives/Public/ietf-http-wg/2018JanMar/0085.html about the architectural implications of removing the initial connection to the publisher's server because I couldn't get an explanation of the harm that might cause to the publisher or the client. I'd love to get such an explanation so that I can address it.

In the next draft, we're planning changes to what's currently the application/http-exchange+cbor format to avoid the need for a streaming CBOR parser and to bound the amount of memory a browser process needs to incrementally verify the exchange. This will tie the format more closely to signed exchanges instead of general HTTP exchanges, especially if we design it to allow verifying the signature without reserializing the headers. Please holler if you really want a general HTTP exchange representation.

Any other feedback is also welcome.

Happy Pi day and see you all next week,
Jeffrey

---------- Forwarded message ---------
From: <internet-drafts@ietf.org>
Date: Mon, Mar 5, 2018 at 1:09 PM
Subject: New Version Notification for draft-yasskin-http-origin-signed-responses-03.txt
To: Jeffrey Yasskin <jyasskin@chromium.org>

A new version of I-D, draft-yasskin-http-origin-signed-responses-03.txt has been successfully submitted by Jeffrey Yasskin and posted to the IETF repository.

Name: draft-yasskin-http-origin-signed-responses
Revision: 03
Title: Signed HTTP Exchanges
Document date: 2018-03-05
Group: Individual Submission
Pages: 49
URL: https://www.ietf.org/internet-drafts/draft-yasskin-http-origin-signed-responses-03.txt
Status: https://datatracker.ietf.org/doc/draft-yasskin-http-origin-signed-responses/
Htmlized: https://tools.ietf.org/html/draft-yasskin-http-origin-signed-responses-03
Htmlized: https://datatracker.ietf.org/doc/html/draft-yasskin-http-origin-signed-responses-03
Diff: https://www.ietf.org/rfcdiff?url2=draft-yasskin-http-origin-signed-responses-03

Abstract:
This document specifies how a server can send an HTTP request/response pair, known as an exchange, with signatures that vouch for that exchange's authenticity. These signatures can be verified against an origin's certificate to establish that the exchange is authoritative for an origin even if it was transferred over a connection that isn't. The signatures can also be used in other ways described in the appendices. These signatures contain countermeasures against downgrade and protocol-confusion attacks.

Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat
Received on Wednesday, 14 March 2018 23:15:36 UTC