From nobody Wed Feb 3 05:05:24 2016 X-Original-To: http-issues@ietfa.amsl.com Delivered-To: http-issues@ietfa.amsl.com X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.508 X-Spam-Level: X-Spam-Status: No, score=-4.508 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_16=1.092, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham Date: Wed, 03 Feb 2016 05:05:15 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1454504715; bh=DQ4kkuEAbs5SP+7V1/NHHOJ2g2Vy/ON1b7dqrm8SM8k=; h=From:Reply-To:To:Subject:List-ID:List-Archive:List-Post: List-Unsubscribe:From; b=DKMo6xEJj6iDuHKMBvSIU1FwFIPnECrBcHlkrQiAw2BHbKnLzbVkf58SuwmLbkk1B qA3b90+uGRyt5/Pzx8akIcg4WMsEhp7lc6gaQ2gF6Dii5s6R+qQolCYk8oq+0iyxxb BqyEGq8tY5nKzpnN6bTNkt/lV0E9tPRaM5XbEaBk= To: httpwg/http-extensions Subject: [http-extensions] security considerations wrt system ports (#139) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56b1fb0b2bb4f_73263fc5016dd2a031604b9"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list X-GitHub-Sender: reschke X-GitHub-Recipient: httpwg-issues X-Auto-Response-Suppress: All X-GitHub-Recipient-Address: http-issues@ietf.org Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.15 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Feb 2016 13:05:23 -0000 ----==_mimepart_56b1fb0b2bb4f_73263fc5016dd2a031604b9 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit >From : -- Section 91 -- The third paragraph assumes that system ports are inherently more secure than user ports, and, as discussion during the development of RFC 6335 raised, that hasn't been the case for some time Many systems no longer make a distinction, and no longet require root authority to listen on system ports --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/139 ----==_mimepart_56b1fb0b2bb4f_73263fc5016dd2a031604b9 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

From https://listsw3org/Archives/Public/ietf-http-wg/2015OctDec/0539html:

-- Section 91 --
The third paragraph assumes that system ports are inherently more secure
than user ports, and, as discussion during the development of RFC 6335
raised, that hasn't been the case for some time Many systems no longer
make a distinction, and no longet require root authority to listen on
system ports

—
Reply to this email directly or view it on GitHub.

----==_mimepart_56b1fb0b2bb4f_73263fc5016dd2a031604b9-- From nobody Wed Feb 3 05:05:38 2016 X-Original-To: http-issues@ietfa.amsl.com Delivered-To: http-issues@ietfa.amsl.com X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.941 X-Spam-Level: X-Spam-Status: No, score=-4.941 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham Date: Wed, 03 Feb 2016 05:05:34 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1454504734; bh=kpWfXrIHJiga49A36e44E1nP28wVSEBhX2szU/H+9/U=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=JRYO2yMqUP+IM5fDX2YhJTi4ZgS8Bw3o7fWT1pW8i+LYlvGXPwdeRDiC+BUq9nAkI RX+Zac30upyBRfAaBz983QZCVIWaW2yBTvwp6a6rDjTb6VEdHOs46YGm5Ri3Z1lyQH iRgtvM8uiCwHkFB2RspckQnOC4lxwPl5EYpWbqHI= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] security considerations wrt system ports (#139) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56b1fb1ee3610_73203fc5016dd2a0368100"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list X-GitHub-Sender: reschke X-GitHub-Recipient: httpwg-issues X-Auto-Response-Suppress: All X-GitHub-Recipient-Address: http-issues@ietf.org Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.15 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Feb 2016 13:05:37 -0000 ----==_mimepart_56b1fb1ee3610_73203fc5016dd2a0368100 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit This would be addressed by https://github.com/httpwg/http-extensions/pull/134 --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/139#issuecomment-179219074 ----==_mimepart_56b1fb1ee3610_73203fc5016dd2a0368100 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

This would be addressed by #134

—
Reply to this email directly or view it on GitHub.

----==_mimepart_56b1fb1ee3610_73203fc5016dd2a0368100-- From nobody Wed Feb 3 05:06:19 2016 X-Original-To: http-issues@ietfa.amsl.com Delivered-To: http-issues@ietfa.amsl.com X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.941 X-Spam-Level: X-Spam-Status: No, score=-4.941 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham Date: Wed, 03 Feb 2016 05:06:15 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1454504775; bh=vLErw9+Sq/IZox5+IHd127ck7Tq3W0cQ3MUqNTNsnkY=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=WoqLUjFkXrvRpbqrAWD07lkkOscPDU0dh9Cz/UAmrldhN/3Z261mAbVb1YjwZ7xoi 4QsLDHdGFNFHtYb1G5WpZV8UDwhEzJB5pvimSx2l6anMnd6WHr4VbFz4GSuu1n85mr 0CicTNBVoUJK3xBaM+X0f/Z5C3tW+Jl0r4F49LVY= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Alt-Svc AD Review Feedback (#130) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56b1fb47d0497_737c3fc5016dd2a0153347e"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list X-GitHub-Sender: reschke X-GitHub-Recipient: httpwg-issues X-Auto-Response-Suppress: All X-GitHub-Recipient-Address: http-issues@ietf.org Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.15 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Feb 2016 13:06:18 -0000 ----==_mimepart_56b1fb47d0497_737c3fc5016dd2a0153347e Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Closed #130. --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/130#event-537504557 ----==_mimepart_56b1fb47d0497_737c3fc5016dd2a0153347e Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Closed #130.

—
Reply to this email directly or view it on GitHub.

----==_mimepart_56b1fb47d0497_737c3fc5016dd2a0153347e-- From nobody Wed Feb 3 05:06:20 2016 X-Original-To: http-issues@ietfa.amsl.com Delivered-To: http-issues@ietfa.amsl.com X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.941 X-Spam-Level: X-Spam-Status: No, score=-4.941 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham Date: Wed, 03 Feb 2016 05:06:15 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1454504776; bh=P7HlTVRfIkh3QQvrdnOm0/PNvHoA6+SU/yumO48PMRg=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=yqXQPQ89BijspcvVWS1+mmBlknNIexeaupM5WVHSuk8L+d4GuD0WDS1heeBGQvVnJ 3AVvOchJp+126egnmudrZ2FezOnCRfSm7DvtyunKcHM2uOyp+YP1iSrSJLYmyed7ie L5ow3bUOhzNQtxKdLQtENM3zhBHupsTvWX5cUFS0= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Alt-Svc AD Review Feedback (#130) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56b1fb47eeda1_1a423f8d512b32c02850763"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list X-GitHub-Sender: reschke X-GitHub-Recipient: httpwg-issues X-Auto-Response-Suppress: All X-GitHub-Recipient-Address: http-issues@ietf.org Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.15 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Feb 2016 13:06:18 -0000 ----==_mimepart_56b1fb47eeda1_1a423f8d512b32c02850763 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Opened #139 to track one remaining issue. --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/130#issuecomment-179219427 ----==_mimepart_56b1fb47eeda1_1a423f8d512b32c02850763 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Opened #139 to track one remaining issue.

—
Reply to this email directly or view it on GitHub.

----==_mimepart_56b1fb47eeda1_1a423f8d512b32c02850763-- From nobody Wed Feb 3 16:45:25 2016 X-Original-To: http-issues@ietfa.amsl.com Delivered-To: http-issues@ietfa.amsl.com X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.941 X-Spam-Level: X-Spam-Status: No, score=-4.941 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham Date: Wed, 03 Feb 2016 16:45:20 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1454546720; bh=SZ0Sv51bIoGd0yaPw6QT0qcqEjP6S8expnYF4/DTc/g=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=a0D7lYaSQlXSmgxgEtxSyxF3om4VcLnv3BlN3HqhCw2XIC3dugJfgMeLkwveyWVP6 3tN8GU/F+ot0yEIVsYQPiJsXRz2MiAPeLdGKpOqXMfeVbX0qIiAEOC3AXDMzJW1+JP t5X4VQAaMQhATN0Co0KcguzNbB0AWvYhL1+UD64E= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Altsvc samehost (#134) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56b29f2086068_182e3fb7e2f3729c1586d1"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list X-GitHub-Sender: mnot X-GitHub-Recipient: httpwg-issues X-Auto-Response-Suppress: All X-GitHub-Recipient-Address: http-issues@ietf.org Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.15 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Feb 2016 00:45:24 -0000 ----==_mimepart_56b29f2086068_182e3fb7e2f3729c1586d1 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Merged #134. --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/pull/134#event-538454818 ----==_mimepart_56b29f2086068_182e3fb7e2f3729c1586d1 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Merged #134.

—
Reply to this email directly or view it on GitHub.

----==_mimepart_56b29f2086068_182e3fb7e2f3729c1586d1-- From nobody Wed Feb 3 17:27:36 2016 X-Original-To: http-issues@ietfa.amsl.com Delivered-To: http-issues@ietfa.amsl.com X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.941 X-Spam-Level: X-Spam-Status: No, score=-4.941 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham Date: Wed, 03 Feb 2016 17:27:31 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1454549251; bh=qvHRzaZGWDP4THfwKcWBkrZbmRZmK6d+hkpT2U3S6Gg=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=rfn7zB5OoPOv5VWioz2WkZupjKGUc2j4kzOcFi8WgGBRZAQU4Yshnu+l+LXTpsK1o vrlJxRzeMIjdFiAN2jI2089WMS/zQB2Lgbp/yBc2TnAHPPNVLdM51KsalDo/YTVzZ5 8sW5hwzUrrHnJUWWkNiJQJU/8Oj3rT4N7DXL7SMg= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Reconciling MAY/can vs. SHOULD (#101) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56b2a903e281b_34853ffc1cb1b2c01888a"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list X-GitHub-Sender: mnot X-GitHub-Recipient: httpwg-issues X-Auto-Response-Suppress: All X-GitHub-Recipient-Address: http-issues@ietf.org Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.15 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Feb 2016 01:27:35 -0000 ----==_mimepart_56b2a903e281b_34853ffc1cb1b2c01888a Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Closed #101. --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/pull/101#event-538487515 ----==_mimepart_56b2a903e281b_34853ffc1cb1b2c01888a Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Closed #101.

—
Reply to this email directly or view it on GitHub.

----==_mimepart_56b2a903e281b_34853ffc1cb1b2c01888a-- From nobody Wed Feb 3 23:12:50 2016 X-Original-To: http-issues@ietfa.amsl.com Delivered-To: http-issues@ietfa.amsl.com X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.941 X-Spam-Level: X-Spam-Status: No, score=-4.941 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham Date: Wed, 03 Feb 2016 23:12:44 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1454569965; bh=A8OeXzY73HlOwneZ1csk41F+vWxVVYoJ1Ut/2AATMyk=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=ymZjobNTZdsm73FHlPh+8/XEkR70psPtvxKVJ9F2DziHgOfmU4rSU3vr+/b7XBr1b F4Vk39Bnka+5xreUDtl6aug8SbFD8vwbGkbv77hiqI2kF1EbC5CZV4sqaimt6BEX/K V/GSN+d1LRf3Ebr9Iikw1M6WveA5C/9HaHTCTqkM= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] security considerations wrt system ports (#139) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56b2f9ecee736_9173fb6c67c529c15105b"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list X-GitHub-Sender: reschke X-GitHub-Recipient: httpwg-issues X-Auto-Response-Suppress: All X-GitHub-Recipient-Address: http-issues@ietf.org Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.15 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Feb 2016 07:12:49 -0000 ----==_mimepart_56b2f9ecee736_9173fb6c67c529c15105b Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Closed #139. --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/139#event-538746494 ----==_mimepart_56b2f9ecee736_9173fb6c67c529c15105b Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Closed #139.

—
Reply to this email directly or view it on GitHub.

----==_mimepart_56b2f9ecee736_9173fb6c67c529c15105b-- From nobody Fri Feb 5 17:34:38 2016 X-Original-To: http-issues@ietfa.amsl.com Delivered-To: http-issues@ietfa.amsl.com X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.941 X-Spam-Level: X-Spam-Status: No, score=-4.941 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham Date: Fri, 05 Feb 2016 17:34:34 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1454722474; bh=rt5bYLEI5Qx5m/BsFbFZ13aiky281c8OBusZVpZsAaA=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=e9+1TycrcwMODv3q5qU4Dci87H7U6nPaUpRxl0TsfecdvjKm/GW5cQFL+ENy8tT/n nNLkKbmwZi8KvQ3nefcOEJkgjB0msYVlfmhRDBUGPRrAxu2yo5TR0W2dehUFAcSXob OwqHIGGW9L8YI2AQf7uWmXzD1tctrLG4c9asQr7k= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] type the artwork (#143) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56b54daae104b_2ba03fe37fe432a0879b2"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list X-GitHub-Sender: mnot X-GitHub-Recipient: httpwg-issues X-Auto-Response-Suppress: All X-GitHub-Recipient-Address: http-issues@ietf.org Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.15 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 06 Feb 2016 01:34:37 -0000 ----==_mimepart_56b54daae104b_2ba03fe37fe432a0879b2 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Merged #143. --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/pull/143#event-541503337 ----==_mimepart_56b54daae104b_2ba03fe37fe432a0879b2 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Merged #143.

—
Reply to this email directly or view it on GitHub.

----==_mimepart_56b54daae104b_2ba03fe37fe432a0879b2-- From nobody Fri Feb 5 18:02:19 2016 X-Original-To: http-issues@ietfa.amsl.com Delivered-To: http-issues@ietfa.amsl.com X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -5.454 X-Spam-Level: X-Spam-Status: No, score=-5.454 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_20=1.546, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham Date: Fri, 05 Feb 2016 18:02:14 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1454724134; bh=n9J5/YBbxON2y/MSb3e9cxIIOLfCgDrmwwQkoQQNB/w=; h=From:Reply-To:To:Subject:List-ID:List-Archive:List-Post: List-Unsubscribe:From; b=nCVc8BjntGkC6gx9zMNgTP6wAtDB0zUEPkcHEAcWRoJJ+1uIlRaibYddmx7Iwqi/h 50Y0SCrvB5FL+XJwP0OovQcNOTMWQJUb3K8fmeuLG0lHAZH/wsexe25qnTjfQu+nld DYVOJrqyg0gU+UP77eepgwBJ3SWqyLZwNWTvFCcs= To: httpwg/http-extensions Subject: [http-extensions] Attacks from same host (#144) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56b554267bd45_5d7a3fced1c812b821851"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list X-GitHub-Sender: mnot X-GitHub-Recipient: httpwg-issues X-Auto-Response-Suppress: All X-GitHub-Recipient-Address: http-issues@ietf.org Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.15 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 06 Feb 2016 02:02:17 -0000 ----==_mimepart_56b554267bd45_5d7a3fced1c812b821851 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit When an attacker has the ability to: 1) inject a HTTP header in any response from an origin 2) listen to a port on the same host they can effectively hijack the origin, for browsers that implement OppSec. E.g., someone on a shared Web host that also offers shell access. Previously, Alt-Svc used the port number as a way to mitigate this; however, in #139 we dropped that, because on many systems this is no longer a meaningful way to segment privileged applications. In discussion, it was suggested that the origin should opt into OppSec explicitly, e.g., with a `.well-known` file. --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/144 ----==_mimepart_56b554267bd45_5d7a3fced1c812b821851 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

When an attacker has the ability to:

1) inject a HTTP header in any response from an origin
2) listen to a port on the same host

they can effectively hijack the origin, for browsers that implement OppSec.

E.g., someone on a shared Web host that also offers shell access.

Previously, Alt-Svc used the port number as a way to mitigate this; however, in #139 we dropped that, because on many systems this is no longer a meaningful way to segment privileged applications.

In discussion, it was suggested that the origin should opt into OppSec explicitly, e.g., with a .well-known file.

—
Reply to this email directly or view it on GitHub.

----==_mimepart_56b554267bd45_5d7a3fced1c812b821851-- From nobody Fri Feb 5 18:03:36 2016 X-Original-To: http-issues@ietfa.amsl.com Delivered-To: http-issues@ietfa.amsl.com X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.941 X-Spam-Level: X-Spam-Status: No, score=-4.941 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham Date: Fri, 05 Feb 2016 18:03:33 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1454724213; bh=VW9y1LjCi9hLcKIp2Cp/8yn+aaccn/7IxcUfzPmf+6M=; h=From:Reply-To:To:Subject:List-ID:List-Archive:List-Post: List-Unsubscribe:From; b=blx6ufAau+JXECj7mMaCu5IXYaPTEJ6tum6deZj/tEND2ZQnYxJnmWydD+idgGbMP DUCcSzMUYA09aZDPtrNAprlIPo0S/2qW7Elv/GwT33/7h8sHIHTHApSqscB3CCalCz 3b83T5g6O+yVd1e+9iYrvmlkFTiy4NS7Ta6WI9Gc= To: httpwg/http-extensions Subject: [http-extensions] Requiring Use of TLS (#145) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56b554754f358_2af43fe37fe432a048837e"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list X-GitHub-Sender: mnot X-GitHub-Recipient: httpwg-issues X-Auto-Response-Suppress: All X-GitHub-Recipient-Address: http-issues@ietf.org Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.15 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 06 Feb 2016 02:03:35 -0000 ----==_mimepart_56b554754f358_2af43fe37fe432a048837e Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit [Section 5](https://httpwg.github.io/http-extensions/encryption.html#http-tls) roughly sketches the `HTTP-TLS` header. We need to decide if this should be included (is it implemented?). --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/145 ----==_mimepart_56b554754f358_2af43fe37fe432a048837e Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Section 5 roughly sketches the HTTP-TLS header.

We need to decide if this should be included (is it implemented?).

—
Reply to this email directly or view it on GitHub.

----==_mimepart_56b554754f358_2af43fe37fe432a048837e-- From nobody Fri Feb 5 18:17:22 2016 X-Original-To: http-issues@ietfa.amsl.com Delivered-To: http-issues@ietfa.amsl.com X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.941 X-Spam-Level: X-Spam-Status: No, score=-4.941 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham Date: Fri, 05 Feb 2016 18:17:18 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1454725038; bh=tDz6qvbTzSd9vA9zHtYsFzqJrK979c7H28J4+BUzGgg=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=eb3ZELkZfsCdTh6ZDQAfoO5khM9m0XkZuIXjhYj091q+VhA/W6K1tkwvNBzYtYqDB q8MvahsA5RxVi+wrIiSXa/KNmrxu19Nbt2Ulz6qtC7qUG4iYhqf1oUhHcgAuzNytZ2 URUrD4ypXeinL0h39Nn0ZLn3U/Bz9gdfEXgMldnc= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Adding encrypted content encoding (3a3df89) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56b557ae4f6b5_1b8a3fe37fe432a0115160"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list X-GitHub-Sender: mnot X-GitHub-Recipient: httpwg-issues X-Auto-Response-Suppress: All X-GitHub-Recipient-Address: http-issues@ietf.org Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.15 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 06 Feb 2016 02:17:21 -0000 ----==_mimepart_56b557ae4f6b5_1b8a3fe37fe432a0115160 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Not Cool -- changing links makes the Web sad :( --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/commit/3a3df89f94469a18ca991ded4e78542bba6a2beb#commitcomment-15929709 ----==_mimepart_56b557ae4f6b5_1b8a3fe37fe432a0115160 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Not Cool -- changing links makes the Web sad :(

—
Reply to this email directly or view it on GitHub.

----==_mimepart_56b557ae4f6b5_1b8a3fe37fe432a0115160-- From nobody Fri Feb 5 18:24:15 2016 X-Original-To: http-issues@ietfa.amsl.com Delivered-To: http-issues@ietfa.amsl.com X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.941 X-Spam-Level: X-Spam-Status: No, score=-4.941 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham Date: Fri, 05 Feb 2016 18:24:12 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1454725452; bh=q//ekeoS9nf026o94E7Znjp8kokHDkjtIxwEYwSv2zA=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=UoMJz71WFOEZld3nZuqzFD/abhR/j+c/c7E9KMueroVX7sGjGUbYP6uE+pTN4yyxq S2bSlyk3W5T3FeDg50/UzeIa75G7WvQUaawwKe9Af7ynnovCgdrOvVTyW9NdI4Nxs3 pVTSEWGOO4WrTQgh3LSRUGR6nYLlxW6E+8Cr7q1k= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Align opp-sec and alt-svc (#33) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56b5594c14d23_43b03ff9245072bc48591e"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list X-GitHub-Sender: mnot X-GitHub-Recipient: httpwg-issues X-Auto-Response-Suppress: All X-GitHub-Recipient-Address: http-issues@ietf.org Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.15 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 06 Feb 2016 02:24:14 -0000 ----==_mimepart_56b5594c14d23_43b03ff9245072bc48591e Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Is there anything that needs to change in OppSec here? --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/33#issuecomment-180659834 ----==_mimepart_56b5594c14d23_43b03ff9245072bc48591e Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Is there anything that needs to change in OppSec here?

—
Reply to this email directly or view it on GitHub.

----==_mimepart_56b5594c14d23_43b03ff9245072bc48591e-- From nobody Sat Feb 6 02:15:25 2016 X-Original-To: http-issues@ietfa.amsl.com Delivered-To: http-issues@ietfa.amsl.com X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -5.908 X-Spam-Level: X-Spam-Status: No, score=-5.908 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_16=1.092, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham Date: Sat, 06 Feb 2016 02:15:21 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1454753721; bh=s+1hPHefS3jJCU9TVEVc5AH44lPFRfyIMI8Kv94cbko=; h=From:Reply-To:To:Subject:List-ID:List-Archive:List-Post: List-Unsubscribe:From; b=tb7tt1F6fIAg0B3UZvjeg1qPaYWNmiisjyvvg1qvYmw8w4xW66N8MJ+VoY5mI+mc/ VVb1ZrYyC42VierC0pAt6aUd0qONKmfXEGCMScO6pg5s0Zg4v78FCa8gSJxno2MJOA 4QAZhsFOMyJRjfixhPakd9NwDDnDY/BkNM0Xo6F0= To: httpwg/http-extensions Subject: [http-extensions] type the artwork (#146) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56b5c7b99ba91_42873fbc431e52a0126789"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list X-GitHub-Sender: reschke X-GitHub-Recipient: httpwg-issues X-Auto-Response-Suppress: All X-GitHub-Recipient-Address: http-issues@ietf.org Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.15 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 06 Feb 2016 10:15:24 -0000 ----==_mimepart_56b5c7b99ba91_42873fbc431e52a0126789 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit You can view, comment on, or merge this pull request online at: https://github.com/httpwg/http-extensions/pull/146 -- Commit Summary -- * type the artwork -- File Changes -- M draft-ietf-httpbis-encryption-encoding.md (36) -- Patch Links -- https://github.com/httpwg/http-extensions/pull/146.patch https://github.com/httpwg/http-extensions/pull/146.diff --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/pull/146 ----==_mimepart_56b5c7b99ba91_42873fbc431e52a0126789 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

You can view, comment on, or merge this pull request online at:

https://github.com/httpwg/http-extensions/pull/146

Commit Summary

type the artwork

File Changes

M draft-ietf-httpbis-encryption-encoding.md (36)

Patch Links:

—
Reply to this email directly or view it on GitHub.

----==_mimepart_56b5c7b99ba91_42873fbc431e52a0126789-- From nobody Sun Feb 7 04:01:55 2016 X-Original-To: http-issues@ietfa.amsl.com Delivered-To: http-issues@ietfa.amsl.com X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -5.908 X-Spam-Level: X-Spam-Status: No, score=-5.908 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_16=1.092, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham Date: Sun, 07 Feb 2016 04:01:49 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1454846509; bh=ZqeSb7eQnp2r004CfVKdlZgVSh1YiRGmhO385kbqMlM=; h=From:Reply-To:To:Subject:List-ID:List-Archive:List-Post: List-Unsubscribe:From; b=Mi/Aze0NjusuSOXTc+6FSDFm4BiE760ynlFzRA3sJKWiTITAMCCTIObJwa0Ol5xZ+ mWW13Jqvt9SoYxfqPqqbXvMX2TLfybZuzzqRW8+FUULovgPI6moHivVGAHWrn+R8N8 0UnjsfqJ1OiiQIwJZ8CYLpzEsrRDgh/qc0jYpWIM= To: httpwg/http-extensions Subject: [http-extensions] type the artwork (#147) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56b7322db17a7_5a723fd3f2b132c0119264f"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list X-GitHub-Sender: reschke X-GitHub-Recipient: httpwg-issues X-Auto-Response-Suppress: All X-GitHub-Recipient-Address: http-issues@ietf.org Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.15 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 07 Feb 2016 12:01:54 -0000 ----==_mimepart_56b7322db17a7_5a723fd3f2b132c0119264f Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit You can view, comment on, or merge this pull request online at: https://github.com/httpwg/http-extensions/pull/147 -- Commit Summary -- * type the artwork -- File Changes -- M draft-ietf-httpbis-client-hints.md (32) -- Patch Links -- https://github.com/httpwg/http-extensions/pull/147.patch https://github.com/httpwg/http-extensions/pull/147.diff --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/pull/147 ----==_mimepart_56b7322db17a7_5a723fd3f2b132c0119264f Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

You can view, comment on, or merge this pull request online at:

https://github.com/httpwg/http-extensions/pull/147

Commit Summary

type the artwork

File Changes

M draft-ietf-httpbis-client-hints.md (32)

Patch Links:

—
Reply to this email directly or view it on GitHub.

----==_mimepart_56b7322db17a7_5a723fd3f2b132c0119264f-- From nobody Sun Feb 7 12:57:02 2016 X-Original-To: http-issues@ietfa.amsl.com Delivered-To: http-issues@ietfa.amsl.com X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.941 X-Spam-Level: X-Spam-Status: No, score=-4.941 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham Date: Sun, 07 Feb 2016 12:56:55 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1454878615; bh=n7IKXVJsyBD2vC27lLdW0YqdO7Fxg3cVc56BNv8swZI=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=Oro4pNo3rE2M0vizjw4IDK4AvhzNscexq7d8J8p0a8f/X2bCtNIhEBRLfXi3Ue3NM H8HnbYt8ExVqwRexXUkjrzgzmOPHJc0Mp+QDdXxUS6tANFvGAeSwdOQZ7ctSSS9MxD 0u5tLdOc6KbvVJuwzLn3Z2iJdzwurOqSMGRDN1DI= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] type the artwork (#147) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56b7af97c9ade_33ca3fd3f2b132c02389838"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list X-GitHub-Sender: mnot X-GitHub-Recipient: httpwg-issues X-Auto-Response-Suppress: All X-GitHub-Recipient-Address: http-issues@ietf.org Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.15 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 07 Feb 2016 20:57:01 -0000 ----==_mimepart_56b7af97c9ade_33ca3fd3f2b132c02389838 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Merged #147. --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/pull/147#event-542310938 ----==_mimepart_56b7af97c9ade_33ca3fd3f2b132c02389838 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Merged #147.

—
Reply to this email directly or view it on GitHub.

----==_mimepart_56b7af97c9ade_33ca3fd3f2b132c02389838-- From nobody Sat Feb 13 19:58:24 2016 X-Original-To: http-issues@ietfa.amsl.com Delivered-To: http-issues@ietfa.amsl.com X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.241 X-Spam-Level: X-Spam-Status: No, score=-2.241 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham Date: Sat, 13 Feb 2016 19:58:19 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1455422299; bh=KMN/GODeGzZARpUEVNNLIbYu6QmqjPYzcc/uWtnuPrg=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=itl9c/FbtgD5D9ulO0V+rdnC67+FRD/OtAxv5RZ/ENkD95wHansS1pEixYuWT5SSP M9O5sDbU3IEwljsorHiwd1RfXHTi/mtuKK0d3NQrAGEnwWYOYEWtptoqD1ygYhD6hU hya+L/jpZm6/0FDX5D6uKs32kP8Xy74oFe/XVbLc= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Rename aesgcm128 to aesgcm to provide an update path (#137) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56bffb5ba5fff_19753fcc2ce4b2bc14799ef"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list X-GitHub-Sender: martinthomson X-GitHub-Recipient: httpwg-issues X-Auto-Response-Suppress: All X-GitHub-Recipient-Address: http-issues@ietf.org Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.15 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Feb 2016 03:58:22 -0000 ----==_mimepart_56bffb5ba5fff_19753fcc2ce4b2bc14799ef Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Merged #137. --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/pull/137#event-549733994 ----==_mimepart_56bffb5ba5fff_19753fcc2ce4b2bc14799ef Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Merged #137.

—
Reply to this email directly or view it on GitHub.

----==_mimepart_56bffb5ba5fff_19753fcc2ce4b2bc14799ef-- From nobody Sat Feb 13 19:59:16 2016 X-Original-To: http-issues@ietfa.amsl.com Delivered-To: http-issues@ietfa.amsl.com X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.941 X-Spam-Level: X-Spam-Status: No, score=-4.941 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham Date: Sat, 13 Feb 2016 19:59:11 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1455422351; bh=PJ39LOGJKnCbPJmx9r4fIKvNc4cI2gPb6SGLFbEacXQ=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=fM3ZtQ9HBPSAxJRhRJABLb/dCNUjMlTy7uJp1/yqrqvt1o2Lb+lgqn+yZniQyWXrd zcOA/Jl89eFiz4uSmjL+ZDoHV4ciZCVFGMp8bl14TxlpglB9KLZlWYSuqs+YoaIdWS Rs+sAr0uXpyEKYr5Q1fd1Cw3JqaIYnKwZ59J5LuI= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Rename aesgcm128 to aesgcm to provide an update path (#137) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56bffb8f7d5f5_7d823fcc2ce4b2bc28216a"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list X-GitHub-Sender: martinthomson X-GitHub-Recipient: httpwg-issues X-Auto-Response-Suppress: All X-GitHub-Recipient-Address: http-issues@ietf.org Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.15 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Feb 2016 03:59:14 -0000 ----==_mimepart_56bffb8f7d5f5_7d823fcc2ce4b2bc28216a Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit I still need to double-check the examples, but I won't be able to do that for a while now. Stupid travel. Might as well make progress at least. Thanks for putting this all together @beverloo. --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/pull/137#issuecomment-183817494 ----==_mimepart_56bffb8f7d5f5_7d823fcc2ce4b2bc28216a Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

I still need to double-check the examples, but I won't be able to do that for a while now. Stupid travel. Might as well make progress at least.

Thanks for putting this all together @beverloo.

—
Reply to this email directly or view it on GitHub.

----==_mimepart_56bffb8f7d5f5_7d823fcc2ce4b2bc28216a-- From nobody Wed Feb 17 11:47:35 2016 X-Original-To: http-issues@ietfa.amsl.com Delivered-To: http-issues@ietfa.amsl.com X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.941 X-Spam-Level: X-Spam-Status: No, score=-4.941 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham Date: Wed, 17 Feb 2016 11:47:31 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1455738451; bh=rUVbOOFehdJul0znqgY7rCSNrEM/yH5VtLZnSEfJls8=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=MgIfu6pKDnnuoNVE7GMjVJU1iv7SMwRur+FnVq2LB7gtwxkm8zBCxV30OSD23dIiW wC2plxkKqQDdkiFkObM/x+dkfl/T/t3+9wPBgqzYrodPBcU5S1Eh6RoPegU69O4ygp YmmeSUEoiiJ9irVhx53o+IseF8RkCQ3UxoLbeiK4= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Avoid ambiguity with "may not" and a "MAY" requirement (#66) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56c4ce5353df3_347d3fb4b21b32c013548f"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list X-GitHub-Sender: reschke X-GitHub-Recipient: httpwg-issues X-Auto-Response-Suppress: All X-GitHub-Recipient-Address: http-issues@ietf.org Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.15 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 17 Feb 2016 19:47:34 -0000 ----==_mimepart_56c4ce5353df3_347d3fb4b21b32c013548f Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit @timbray I see the spec is now in AUTH48; are you going to make this change? --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/pull/66#issuecomment-185373066 ----==_mimepart_56c4ce5353df3_347d3fb4b21b32c013548f Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

@timbray I see the spec is now in AUTH48; are you going to make this change?

—
Reply to this email directly or view it on GitHub.

----==_mimepart_56c4ce5353df3_347d3fb4b21b32c013548f-- From nobody Fri Feb 19 18:13:25 2016 X-Original-To: http-issues@ietfa.amsl.com Delivered-To: http-issues@ietfa.amsl.com X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -5.908 X-Spam-Level: X-Spam-Status: No, score=-5.908 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_16=1.092, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham Date: Fri, 19 Feb 2016 18:13:20 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1455934400; bh=IW5kyZ3QBlGydWPChBERtxZwQryAkI9aymR9PLbg1jw=; h=From:Reply-To:To:Subject:List-ID:List-Archive:List-Post: List-Unsubscribe:From; b=z0CcP3rAm69Un2Fy4m4p1ikyPhFPcJQcUaYFb8xDuknGl2fByydbee8b7zq9bWKS7 3E2yfh1rkyzxt/ac2f6Rl9WBBueDxjvO/J/VFSpOo47bXvNCew/rSQQ2WixT7OZVBL MQbdmE1hKTeWS0T5BVe940yk6OWATXhUwdFJQryc= To: httpwg/http-extensions Subject: [http-extensions] Reasonable Assurances and H2C (#148) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56c7cbc0c843d_326b3fed77b212a014153bb"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list X-GitHub-Sender: mnot X-GitHub-Recipient: httpwg-issues X-Auto-Response-Suppress: All X-GitHub-Recipient-Address: http-issues@ietf.org Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.15 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 20 Feb 2016 02:13:24 -0000 ----==_mimepart_56c7cbc0c843d_326b3fed77b212a014153bb Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Brought up in LC, . 1. Examples contain h2c, although this document implies that's not allowed 2. Examples should clarify that even on the same host, by default we don't allow h2c 3. Do we need to define "reasonable assurances" more tightly, e.g., by requiring something to update this document? --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/148 ----==_mimepart_56c7cbc0c843d_326b3fed77b212a014153bb Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Brought up in LC, http://www.w3.org/mid/20160209182822.C37A959F@welho-filter2.welho.com.

Examples contain h2c, although this document implies that's not allowed
Examples should clarify that even on the same host, by default we don't allow h2c
Do we need to define "reasonable assurances" more tightly, e.g., by requiring something to update this document?

—
Reply to this email directly or view it on GitHub.

----==_mimepart_56c7cbc0c843d_326b3fed77b212a014153bb-- From nobody Sun Feb 21 14:43:37 2016 X-Original-To: http-issues@ietfa.amsl.com Delivered-To: http-issues@ietfa.amsl.com X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.483 X-Spam-Level: X-Spam-Status: No, score=-3.483 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_24=1.618, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham Date: Sun, 21 Feb 2016 14:43:31 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1456094611; bh=KdLp209q3fQCNzAs8zTsRURBqLiCISoJdyjQGpuEZek=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=VIn4k+uP7sMK3O8i+9PtYpyGb7pbkFNQzVH9RGvZK3I1pnyT/d65lKxeQF+l8jO72 yfsAFFS64k3CdEs3zW8gdivgcERxodC1p9Apby3LPFu5TBZtTUk+8T7JSX2vZwpnf3 5JNDLK+BT17ix1Sb3ATjXmrgUP8y971HTDSk30tk= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Support "Or" operator (#104) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56ca3d93c67f0_17063fb8677b32c03737f7"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list X-GitHub-Sender: mnot X-GitHub-Recipient: httpwg-issues X-Auto-Response-Suppress: All X-GitHub-Recipient-Address: http-issues@ietf.org Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.15 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 Feb 2016 22:43:35 -0000 ----==_mimepart_56ca3d93c67f0_17063fb8677b32c03737f7 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Thinking about this a bit more. We could introduce limited operators. E.g., we could specify when another header's portion of the key should be discarded. Taking the example above and adding the calculated secondary cache key: `Key: DPR;partition=1.2, Save-Data;match=1` * DPR < 1.2, Save-Data = 1 `0:1` * DPR < 1.2, Save-Data != 1 `0:0` * DPR > 1.2, Save-Data = 1 `1:1` * DPR > 1.2, Save-Data != 1 `1:0` We could at least make 1 and three equivalent like this: `Key: DPR;partition=1.2, Save-Data;match=1;discard=1:DPR` * DPR < 1.2, Save-Data = 1 `:1` * DPR < 1.2, Save-Data != 1 `0:0` * DPR > 1.2, Save-Data = 1 `:1` * DPR > 1.2, Save-Data != 1 `1:0` because `discard=1:DPR` tells us to discard the `DPR` portion of the key if `Save-Data`'s post-processing value is `1`. This would need some massaging, of course, and it wouldn't be able to express all of the interdependencies between headers (notice that the second case is still a distinct cache entry). However, it would help avoid a complete combinetric cache explosion. I'm torn as to whether this is a good idea; Ilya could be right that in complex situations, we'll just fiddle request header semantics and/or synthesise new headers with ServiceWorker (although it'd be a great pity to use SW just for that, I think). WDYT? --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/104#issuecomment-186936535 ----==_mimepart_56ca3d93c67f0_17063fb8677b32c03737f7 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Thinking about this a bit more. We could introduce limited operators. E.g., we could specify when another header's portion of the key should be discarded.

Taking the example above and adding the calculated secondary cache key:

Key: DPR;partition=1.2, Save-Data;match=1

DPR < 1.2, Save-Data = 1 0:1
DPR < 1.2, Save-Data != 1 0:0
DPR > 1.2, Save-Data = 1 1:1
DPR > 1.2, Save-Data != 1 1:0

We could at least make 1 and three equivalent like this:

Key: DPR;partition=1.2, Save-Data;match=1;discard=1:DPR

DPR < 1.2, Save-Data = 1 :1
DPR < 1.2, Save-Data != 1 0:0
DPR > 1.2, Save-Data = 1 :1
DPR > 1.2, Save-Data != 1 1:0

because discard=1:DPR tells us to discard the DPR portion of the key if Save-Data's post-processing value is 1.

This would need some massaging, of course, and it wouldn't be able to express all of the interdependencies between headers (notice that the second case is still a distinct cache entry). However, it would help avoid a complete combinetric cache explosion.

I'm torn as to whether this is a good idea; Ilya could be right that in complex situations, we'll just fiddle request header semantics and/or synthesise new headers with ServiceWorker (although it'd be a great pity to use SW just for that, I think).

WDYT?

—
Reply to this email directly or view it on GitHub.

----==_mimepart_56ca3d93c67f0_17063fb8677b32c03737f7-- From nobody Sun Feb 21 23:20:24 2016 X-Original-To: http-issues@ietfa.amsl.com Delivered-To: http-issues@ietfa.amsl.com X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -5.908 X-Spam-Level: X-Spam-Status: No, score=-5.908 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_16=1.092, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham Date: Sun, 21 Feb 2016 23:20:20 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1456125620; bh=BBDyGBE2ZcR3Rrtxhn0t+gEOCQPFAp+1cCNPEztrDww=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=FDg4QHu/1xj1w+VAHZ0AJwG3MqRZaVL6FTMdtgSTBbIHYbiCcHTC3QMpxNg/PbX62 UKq7I6bIcdrO6+mgV2RCm0rocJL5h+BAavSBLvH28JXnrTDnQXh0U2KhsBiR2kjPSL WyuiZQEsR7ZDEFH4OqXbuw98mBt4btGHhiEkg0UQ= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Support "Or" operator (#104) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56cab6b42da50_6ff93faf2bd152bc134857e"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list X-GitHub-Sender: yoavweiss X-GitHub-Recipient: httpwg-issues X-Auto-Response-Suppress: All X-GitHub-Recipient-Address: http-issues@ietf.org Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.15 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Feb 2016 07:20:23 -0000 ----==_mimepart_56cab6b42da50_6ff93faf2bd152bc134857e Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit > DPR < 1.2, Save-Data = 1 :1 > DPR < 1.2, Save-Data != 1 0:0 > DPR > 1.2, Save-Data = 1 :1 > DPR > 1.2, Save-Data != 1 1:0 That's better than before, but I suspect that for this use case the desired outcome is: * DPR < 1.2, Save-Data = 1: 1x * DPR < 1.2, Save-Data != 1: 1x * DPR > 1.2, Save-Data = 1: 1x * DPR > 1.2, Save-Data != 1: 2x So, adding `discard` improves things and reduces unnecessary cache explosion, but doesn't eliminate it. --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/104#issuecomment-187049866 ----==_mimepart_56cab6b42da50_6ff93faf2bd152bc134857e Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

DPR < 1.2, Save-Data = 1 :1
DPR < 1.2, Save-Data != 1 0:0
DPR > 1.2, Save-Data = 1 :1
DPR > 1.2, Save-Data != 1 1:0

That's better than before, but I suspect that for this use case the desired outcome is:

DPR < 1.2, Save-Data = 1: 1x
DPR < 1.2, Save-Data != 1: 1x
DPR > 1.2, Save-Data = 1: 1x
DPR > 1.2, Save-Data != 1: 2x

So, adding discard improves things and reduces unnecessary cache explosion, but doesn't eliminate it.

—
Reply to this email directly or view it on GitHub.

----==_mimepart_56cab6b42da50_6ff93faf2bd152bc134857e-- From nobody Mon Feb 22 00:47:47 2016 X-Original-To: http-issues@ietfa.amsl.com Delivered-To: http-issues@ietfa.amsl.com X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.941 X-Spam-Level: X-Spam-Status: No, score=-4.941 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham Date: Mon, 22 Feb 2016 00:47:43 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1456130863; bh=hnYuPZWhC4i/3JBbtlUqTcsA/kG2uH7v4jVd9rVZvss=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=FuDneyClpC7l7TGCp82BzAJvycr1evUx87Mlbc9QvrJqTf93NAAoKM2Yo5TLIGMid RaTaJUcYFFyptBmiGR56uzzPmp0RzPbUvxQvt57AgtE3xC44lA26MSHUGcnbgwJx72 J74kvvlM+6+ESchHfXM5ZHlC+nLY4kvQ/tTmqxEw= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Support "Or" operator (#104) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56cacb2f48bad_7f243fc069e9929c2401359"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list X-GitHub-Sender: mnot X-GitHub-Recipient: httpwg-issues X-Auto-Response-Suppress: All X-GitHub-Recipient-Address: http-issues@ietf.org Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.15 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Feb 2016 08:47:46 -0000 ----==_mimepart_56cacb2f48bad_7f243fc069e9929c2401359 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Yep. I don't see a reasonable way to get to that without starting over from scratch, and making it significantly more complex. Happy if someone else can, though. --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/104#issuecomment-187075898 ----==_mimepart_56cacb2f48bad_7f243fc069e9929c2401359 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Yep. I don't see a reasonable way to get to that without starting over from scratch, and making it significantly more complex. Happy if someone else can, though.

—
Reply to this email directly or view it on GitHub.

----==_mimepart_56cacb2f48bad_7f243fc069e9929c2401359-- From nobody Mon Feb 22 04:01:02 2016 X-Original-To: http-issues@ietfa.amsl.com Delivered-To: http-issues@ietfa.amsl.com X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -5.908 X-Spam-Level: X-Spam-Status: No, score=-5.908 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_16=1.092, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham Date: Mon, 22 Feb 2016 04:00:34 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1456142434; bh=ydLcQm1ylcxeL9U/ArCrmz09KeVcY1DAqYRd5NsYGJI=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=v8zjo30KYvAyfUmEhkqVzV2Q2zDLu7sc61A7iqbHTqHTudULYJVOtwjVPgdsjKjg+ IAuxJhsu+vL0txPn02k4TzEd7ER1geW62W0Bt4vNRvFkGv9vFISGU65/iUobjnRiY1 /MZ/lXf5trDcEAlvxH/24xh86MtHs0lmsowbtPXE= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Support "Or" operator (#104) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56caf862a9303_7f9d3fad52c092b82535e6"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list X-GitHub-Sender: yoavweiss X-GitHub-Recipient: httpwg-issues X-Auto-Response-Suppress: All X-GitHub-Recipient-Address: http-issues@ietf.org Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.15 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Feb 2016 12:00:45 -0000 ----==_mimepart_56caf862a9303_7f9d3fad52c092b82535e6 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit At least for this particular scenario, the browser is not likely to change DPR values, so the cache verbosity is likely to be at the cache servers. Cache servers could avoid storing multiple instances of the same resource by having a 2-step lookup, where lookup-name=>content-hash=>resource-contents so that multiple lookup-names can lead to the same resource-contents if they have the same content-hash. So, if this is the only example we can come up with, maybe we should punt this issue until we see more usage in the wild and/or come up with more use cases? --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/104#issuecomment-187143647 ----==_mimepart_56caf862a9303_7f9d3fad52c092b82535e6 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

At least for this particular scenario, the browser is not likely to change DPR values, so the cache verbosity is likely to be at the cache servers.

Cache servers could avoid storing multiple instances of the same resource by having a 2-step lookup, where lookup-name=>content-hash=>resource-contents so that multiple lookup-names can lead to the same resource-contents if they have the same content-hash.

So, if this is the only example we can come up with, maybe we should punt this issue until we see more usage in the wild and/or come up with more use cases?

—
Reply to this email directly or view it on GitHub.

----==_mimepart_56caf862a9303_7f9d3fad52c092b82535e6-- From nobody Mon Feb 22 22:36:07 2016 X-Original-To: http-issues@ietfa.amsl.com Delivered-To: http-issues@ietfa.amsl.com X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -5.908 X-Spam-Level: X-Spam-Status: No, score=-5.908 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_16=1.092, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham Date: Mon, 22 Feb 2016 22:36:03 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1456209363; bh=IwLrO9LjRcqL3llPvyuFc237gu7bgWtMStunVitSO8c=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=YObifLsZfb7t39gdylzZJjHAo9qpQ1w6NGNDI0B5cs6WvYnh9aaR0VyCauBOXLKgq /5ukDb0px59KrMg4EbDrvmQSHSQyvvD9S0lrJvTcMOZZjay3h2UPxfGqLKCrkcp9zF jzoBqrfmbDj8L0JatgsOqbDgbXR6HFr2vJ0Xjs58= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Secdir review feedback (23d3b09) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56cbfdd3a08c3_70e43ffbbab192c02889b1"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list X-GitHub-Sender: mnot X-GitHub-Recipient: httpwg-issues X-Auto-Response-Suppress: All X-GitHub-Recipient-Address: http-issues@ietf.org Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.15 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Feb 2016 06:36:06 -0000 ----==_mimepart_56cbfdd3a08c3_70e43ffbbab192c02889b1 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit I think we can address the "notes" issue by changing the "note that" language -- this isn't really a note in the sense that it's a callout box, it's just how the sentence is structured. It's true that the word "required" is now in there, but that's because it refers to requirements elsewhere in the document. Again, some slight rewording would address this, if it is indeed an issue. --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/commit/23d3b09374c077fbe695b7a01ac144f0e2a1755f#commitcomment-16260347 ----==_mimepart_56cbfdd3a08c3_70e43ffbbab192c02889b1 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

I think we can address the "notes" issue by changing the "note that" language -- this isn't really a note in the sense that it's a callout box, it's just how the sentence is structured.

It's true that the word "required" is now in there, but that's because it refers to requirements elsewhere in the document. Again, some slight rewording would address this, if it is indeed an issue.

—
Reply to this email directly or view it on GitHub.

----==_mimepart_56cbfdd3a08c3_70e43ffbbab192c02889b1-- From nobody Wed Feb 24 22:43:57 2016 X-Original-To: http-issues@ietfa.amsl.com Delivered-To: http-issues@ietfa.amsl.com X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -5.908 X-Spam-Level: X-Spam-Status: No, score=-5.908 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_16=1.092, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham Date: Wed, 24 Feb 2016 22:43:53 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1456382633; bh=KCs4TTXvDsQL72q0laJI7qmonSkEVBQKZTutEypwPDQ=; h=From:Reply-To:To:Subject:List-ID:List-Archive:List-Post: List-Unsubscribe:From; b=bnfYwIABqA5llHcbpxX+3JOFiurCrpIhXSHukr5QMkX1AnC0Euje0OxhLz9HSZjsg opzNlCcpbhBk4X2FWILTWXzgpOPf1ZhbocR7WfvNCffLA6wt+xKn2+OsJPezdR9h7O 1EpRLuAtwsSLrZ7EFV0GB+ZnlCEUGdt+ldoKlhk0= To: httpwg/http-extensions Subject: [http-extensions] harmonize boilerplate (#149) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56cea2a9b6afb_60583ffa5d94b2bc2978539"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list X-GitHub-Sender: reschke X-GitHub-Recipient: httpwg-issues X-Auto-Response-Suppress: All X-GitHub-Recipient-Address: http-issues@ietf.org Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.15 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Feb 2016 06:43:56 -0000 ----==_mimepart_56cea2a9b6afb_60583ffa5d94b2bc2978539 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit You can view, comment on, or merge this pull request online at: https://github.com/httpwg/http-extensions/pull/149 -- Commit Summary -- * harmonize boilerplate -- File Changes -- M draft-ietf-httpbis-cookie-prefixes.md (11) -- Patch Links -- https://github.com/httpwg/http-extensions/pull/149.patch https://github.com/httpwg/http-extensions/pull/149.diff --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/pull/149 ----==_mimepart_56cea2a9b6afb_60583ffa5d94b2bc2978539 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

You can view, comment on, or merge this pull request online at:

https://github.com/httpwg/http-extensions/pull/149

Commit Summary

harmonize boilerplate

File Changes

M draft-ietf-httpbis-cookie-prefixes.md (11)

Patch Links:

—
Reply to this email directly or view it on GitHub.

----==_mimepart_56cea2a9b6afb_60583ffa5d94b2bc2978539--