- From: Ryan Sleevi <ryan-ietf@sleevi.com>
- Date: Thu, 8 Aug 2019 11:00:02 -0400
- To: Watson Ladd <watson@cloudflare.com>
- Cc: "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
Received on Thursday, 8 August 2019 15:00:37 UTC
On Thu, Aug 8, 2019 at 8:27 AM Watson Ladd <watson@cloudflare.com> wrote:

> Section 6.4 seems a little strong to me: it's unlikely that $CDN will
> claim control of all origins it could claim authority over on a connection,
> but more likely that it does so for ones in subrequests, link headers etc.

From a security considerations point of view, isn't it more useful to describe how it potentially could be abused or misused, rather than assume how it's likely to be used?

That is, is the argument that the Security Considerations should be guidelines for servers deploying it, rather than clients implementing it?

The lack of in-step synchronization with DNS seems incredibly important to implementor's security assumptions, and thus important to call out, so I'm curious which bit is seen as a little strong?