From nobody Tue Mar 1 02:23:17 2016 X-Original-To: http-issues@ietfa.amsl.com Delivered-To: http-issues@ietfa.amsl.com X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.941 X-Spam-Level: X-Spam-Status: No, score=-4.941 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham Date: Tue, 01 Mar 2016 02:23:13 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1456827793; bh=G5wU+3WIsIL7brReBKaUYfozjhqB4ljwSKSEbYql810=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=XDlKT7wIK3dnnZiDrzoElc3Riw/8gPNXSIqD/oBA96UTqO8kCSfycjTXGhYc/LY4Z E0cBEqpnJUDW8wmqXwyF2cE/BwWBCczijqxA6Kr6L3p+uWl/K8YIyvlPsbWqNdIWKu gcU7Y9kxIRTSFrVqife/DHkCLv+NJY8DJZpVtvJk= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] harmonize boilerplate (#149) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56d56d919e333_65613f91fdd0b2bc4969539"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list X-GitHub-Sender: reschke X-GitHub-Recipient: httpwg-issues X-Auto-Response-Suppress: All X-GitHub-Recipient-Address: http-issues@ietf.org Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.15 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Mar 2016 10:23:16 -0000 ----==_mimepart_56d56d919e333_65613f91fdd0b2bc4969539 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Merged #149. --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/pull/149#event-572805714 ----==_mimepart_56d56d919e333_65613f91fdd0b2bc4969539 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Merged #149.


Reply to this email directly or view it on GitHub.

----==_mimepart_56d56d919e333_65613f91fdd0b2bc4969539-- From nobody Tue Mar 1 20:24:03 2016 X-Original-To: http-issues@ietfa.amsl.com Delivered-To: http-issues@ietfa.amsl.com X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.042 X-Spam-Level: X-Spam-Status: No, score=-3.042 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham Date: Tue, 01 Mar 2016 20:23:59 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1456892639; bh=wCCfzQIxUd+6TzeZ36I4GiH6pJpko1tUFJ1abHsaDsI=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=RTkt1Iwnf/m/3J9ou1QOmCBZbNc1Z3Q1x18AoJRERZpgR5SAD48xLRh2qT8W3REEx TurH83dTXVQSA//24FhKvo3C6NKEN4X+ncEzBAkybFj6mgeyo4iP7PKFaexvfj/hgw R+BE3t1LTX92bQUmts+HT5k9ezbLKQQKdDq98H7w= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Support "Or" operator (#104) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56d66adf2a647_2c673faa41d452bc5532f"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list X-GitHub-Sender: mnot X-GitHub-Recipient: httpwg-issues X-Auto-Response-Suppress: All X-GitHub-Recipient-Address: http-issues@ietf.org Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.15 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Mar 2016 04:24:02 -0000 ----==_mimepart_56d66adf2a647_2c673faa41d452bc5532f Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Closed #104. --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/104#event-574124889 ----==_mimepart_56d66adf2a647_2c673faa41d452bc5532f Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Closed #104.


Reply to this email directly or view it on GitHub.

----==_mimepart_56d66adf2a647_2c673faa41d452bc5532f-- From nobody Tue Mar 1 20:33:42 2016 X-Original-To: http-issues@ietfa.amsl.com Delivered-To: http-issues@ietfa.amsl.com X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.941 X-Spam-Level: X-Spam-Status: No, score=-4.941 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham Date: Tue, 01 Mar 2016 20:33:38 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1456893218; bh=Xv6tJbbJwdFsAHc1MsRJFWNaUWuYp6QX6QPeD3E/ARA=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=U9LwbAk3IkMv0OzNOCu0XSc+ro8tzoHFOhyE1RP0H3RtBMokzZBuTE2EsmO6enfwl ErLy4VaWGRKyJhfP/MIoVEGMfuTaBi/SiYiszlSoEpzJhWM0zm+uAUSDguyG0u/lY1 7kk/mxxetxwk+2NTOW+OWEy4i7SLZKWxSXyYpL0Q= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Whitespace requirement (#107) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56d66d22e55a6_4d393fb6948c52a06219e7"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list X-GitHub-Sender: mnot X-GitHub-Recipient: httpwg-issues X-Auto-Response-Suppress: All X-GitHub-Recipient-Address: http-issues@ietf.org Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.15 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Mar 2016 04:33:41 -0000 ----==_mimepart_56d66d22e55a6_4d393fb6948c52a06219e7 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Closed #107 via 481e7a79cafc725c93538e60f28db49544d9eb16. --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/107#event-574130565 ----==_mimepart_56d66d22e55a6_4d393fb6948c52a06219e7 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Closed #107 via 481e7a7.


Reply to this email directly or view it on GitHub.

----==_mimepart_56d66d22e55a6_4d393fb6948c52a06219e7-- From nobody Tue Mar 1 20:36:52 2016 X-Original-To: http-issues@ietfa.amsl.com Delivered-To: http-issues@ietfa.amsl.com X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.941 X-Spam-Level: X-Spam-Status: No, score=-4.941 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham Date: Tue, 01 Mar 2016 20:36:49 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1456893409; bh=Vi1ZglG28A9sfKEAy2csMX9JXV/e5gENo7SCOzdYQQ4=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=s0bW59w1+5wWQm8GfX7zSUsGMQHdNOroPxicvY4x3Cg5ahQnU3SRVyWWEBi7EKQXR yNFMGqm6Y5cEWbbndOKRuaAJrGwexRab/yd6Bfua4IDaeDnPAHJZvsXjgw0Mf0FPOq zphFpYQX7yWxXjQpfYGzRy5aJlPMiCzAMYdLZRHE= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Policy for Key parameter registry (#106) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56d66de162c_41213fc71859729c958838"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list X-GitHub-Sender: mnot X-GitHub-Recipient: httpwg-issues X-Auto-Response-Suppress: All X-GitHub-Recipient-Address: http-issues@ietf.org Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.15 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Mar 2016 04:36:51 -0000 ----==_mimepart_56d66de162c_41213fc71859729c958838 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit I think IETF Review is sufficient. Its purpose is "that the document and proposed assignment will be reviewed by the IESG and appropriate IETF WGs (or experts, if suitable working groups no longer exist) to ensure that the proposed assignment will not negatively impact interoperability or otherwise extend IETF protocols in an inappropriate or damaging manner." ... which sounds about right. --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/106#issuecomment-191056705 ----==_mimepart_56d66de162c_41213fc71859729c958838 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

I think IETF Review is sufficient. Its purpose is "that the document and proposed assignment will be reviewed by the IESG and appropriate IETF WGs (or experts, if suitable working groups no longer exist) to ensure that the proposed assignment will not negatively impact interoperability or otherwise extend IETF protocols in an inappropriate or damaging manner."

... which sounds about right.


Reply to this email directly or view it on GitHub.

----==_mimepart_56d66de162c_41213fc71859729c958838-- From nobody Tue Mar 1 21:21:02 2016 X-Original-To: http-issues@ietfa.amsl.com Delivered-To: http-issues@ietfa.amsl.com X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.941 X-Spam-Level: X-Spam-Status: No, score=-4.941 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham Date: Tue, 01 Mar 2016 21:20:57 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1456896057; bh=X/1U+z8UI7JGcW6ERvseloIeV5wuNT7ZTkDYMSOfn1w=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=RK9Sm9wAhbnjtRGKAJDpaHsQEv6eohYN6onWAJaZNjvM+tZ5Zj9zSNYJQWpfPYyny XbxSLZzMSQ/IUS77hJFY8T/Y+xKVpCabx2hDZ3RUlI+6rzIaU4nYp82L4dw/FfW10V CjlFRo97+Iey4HcuggK/teWupM5Ny+FsrbSvwfPU= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Align opp-sec and alt-svc (#33) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56d678397daa5_29383f7f2965529c39841d"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list X-GitHub-Sender: mnot X-GitHub-Recipient: httpwg-issues X-Auto-Response-Suppress: All X-GitHub-Recipient-Address: http-issues@ietf.org Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.15 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Mar 2016 05:20:59 -0000 ----==_mimepart_56d678397daa5_29383f7f2965529c39841d Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Closed #33. --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/33#event-574162105 ----==_mimepart_56d678397daa5_29383f7f2965529c39841d Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Closed #33.


Reply to this email directly or view it on GitHub.

----==_mimepart_56d678397daa5_29383f7f2965529c39841d-- From nobody Tue Mar 1 21:21:03 2016 X-Original-To: http-issues@ietfa.amsl.com Delivered-To: http-issues@ietfa.amsl.com X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -5.349 X-Spam-Level: X-Spam-Status: No, score=-5.349 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_08=1.651, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham Date: Tue, 01 Mar 2016 21:20:57 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1456896057; bh=WLKY4kXKJUZ0CeYv/KItcQe/xVUqUYfMBVz+V6nbPlo=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=KSKgbqzuTwyQYknbyuHgpjnMXXjcXm/WZZat8Ladn8T+FK54a0lfHiGGjrWzW5SXo 34SKOY5Wqz+mWA2ElzUeqHbQaCgnmc8Vnq48bzImXdK7ZSLakJhUv/AyenOSpZvvHu 84cANDe+UVGOht2pKrW+GfyjpnhwGjfckfd8jEH4= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Align opp-sec and alt-svc (#33) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56d6783923574_52cc3f84f2bef29c419489"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list X-GitHub-Sender: mnot X-GitHub-Recipient: httpwg-issues X-Auto-Response-Suppress: All X-GitHub-Recipient-Address: http-issues@ietf.org Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.15 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Mar 2016 05:21:00 -0000 ----==_mimepart_56d6783923574_52cc3f84f2bef29c419489 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Closing. --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/33#issuecomment-191067587 ----==_mimepart_56d6783923574_52cc3f84f2bef29c419489 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Closing.


Reply to this email directly or view it on GitHub.

----==_mimepart_56d6783923574_52cc3f84f2bef29c419489-- From nobody Mon Mar 7 20:22:44 2016 Delivered-To: http-issues@ietfc.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.928 X-Spam-Level: X-Spam-Status: No, score=-5.928 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_16=1.092, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfc.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Mon, 07 Mar 2016 20:22:40 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1457410960; bh=mU8vZKQvZyYHnmg97745SIoRoZodyWDThVdVA173HX8=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=MVYuxvNDaLHq1obuJsQF6m6hdbBn1in+TC8MITvn9Pn60Eg7c7Y3dXOscF+EYL0fn 80gWln76XBmqpS5x6H7uM1cMvTQxakW4DSIhVvJ81DedfC1/ZDEkoIpgaM1W42Ex0G udf90tgJ6cDIgQfW3WtMonoh+IDYKRBBFmCj+qPE= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Adding `commit` member to JSON (#151) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56de5390b8cd4_16af3ff5128d529c6212af"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Mar 2016 04:22:43 -0000 ----==_mimepart_56de5390b8cd4_16af3ff5128d529c6212af Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit > > ~~~ example > - GET /index.html HTTP/1.1 > - Host: example.com > -~~~ > - > -~~~ example > - HTTP/1.1 200 OK > - Content-Type: text/html > - Cache-Control: max-age=600 > - Age: 30 > - Date: Thu, 1 May 2014 16:20:09 GMT > - HTTP-TLS: ma=3600 > +{ > + "origins": ["http://example.com:80", "http://www.example.com/:81"], > + "commit": "2016-03-12T12:27:00Z" Yes, sync issues. But certificates are similarly challenged, and I want to be able to lift one of these out of a cache. That's a reasonable thing to do right? --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/pull/151/files#r55314784 ----==_mimepart_56de5390b8cd4_16af3ff5128d529c6212af Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

In draft-ietf-httpbis-http2-encryption.md:

>  
>  ~~~ example
> -    GET /index.html HTTP/1.1
> -    Host: example.com
> -~~~
> -
> -~~~ example
> -    HTTP/1.1 200 OK
> -    Content-Type: text/html
> -    Cache-Control: max-age=600
> -    Age: 30
> -    Date: Thu, 1 May 2014 16:20:09 GMT
> -    HTTP-TLS: ma=3600
> +{
> +  "origins": ["http://example.com:80", "http://www.example.com/:81"],
> +  "commit": "2016-03-12T12:27:00Z"

Yes, sync issues. But certificates are similarly challenged, and I want to be able to lift one of these out of a cache. That's a reasonable thing to do right?


Reply to this email directly or view it on GitHub.

----==_mimepart_56de5390b8cd4_16af3ff5128d529c6212af-- From nobody Mon Mar 7 20:33:33 2016 Delivered-To: http-issues@ietfc.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.402 X-Spam-Level: X-Spam-Status: No, score=-5.402 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_24=1.618, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no Authentication-Results: ietfc.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Mon, 07 Mar 2016 20:23:59 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1457411039; bh=kXyLIB/LvZoroqN/LbL9loo4+QsvLTcqjnx3E6q/bMs=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=ODuFvwF07VG4tmkgSdZ6MuUsQRjyOks7eU4gf9gsRGYbifPXI9ZkadMp4+0/4gJVX glNarDD4M7XihJHyFjpNNzBtO8k82hYuKKMNeV2B8b/mY0EbQQ98IWW+NtGfhWNVVS sORzibPPIBlK5XS4djNC212hemMB2DOtvufS5Dj4= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Adding `commit` member to JSON (#151) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56de53df35b3b_5fc53fd82123529c5904dc"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Mar 2016 04:33:32 -0000 ----==_mimepart_56de53df35b3b_5fc53fd82123529c5904dc Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit > ~~~ > > -This header field creates a commitment from the origin {{RFC6454}} of the associated resource (in > -the example, `http://example.com`). For the duration of the commitment, clients SHOULD strongly > -authenticate the server for all subsequent requests made to that origin, though this creates some > -risks for clients (see {{pinrisks}}). > - > -Authentication for HTTP over TLS is described in Section 3.1 of {{RFC2818}}, noting the additional > -requirements in Section 2.1 of {{I-D.ietf-httpbis-alt-svc}}. The header field MUST be ignored if > -strong authentication fails; otherwise, an attacker could create a persistent denial of service by > -falsifying a commitment. > +The value of the `commit` member MUST be ignored unless the alternative service can be strongly > +authenticated. Minimum authentication requirements for HTTP over TLS are described in Section 2.1 > +of {{I-D.ietf-httpbis-alt-svc}} and Section 3.1 of {{RFC2818}}. As noted in > +{{I-D.ietf-httpbis-alt-svc}}, clients can impose other checks in addition to this minimum set. For > +instance, a client might choose to apply key pinning {{RFC7469}}. This is the essential weirdness of this mechanism. You don't *have* to authenticate, but you can. --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/pull/151/files#r55314849 ----==_mimepart_56de53df35b3b_5fc53fd82123529c5904dc Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

In draft-ietf-httpbis-http2-encryption.md:

>  ~~~
>  
> -This header field creates a commitment from the origin {{RFC6454}} of the associated resource (in
> -the example, `http://example.com`).  For the duration of the commitment, clients SHOULD strongly
> -authenticate the server for all subsequent requests made to that origin, though this creates some
> -risks for clients (see {{pinrisks}}).
> -
> -Authentication for HTTP over TLS is described in Section 3.1 of {{RFC2818}}, noting the additional
> -requirements in Section 2.1 of {{I-D.ietf-httpbis-alt-svc}}. The header field MUST be ignored if
> -strong authentication fails; otherwise, an attacker could create a persistent denial of service by
> -falsifying a commitment.
> +The value of the `commit` member MUST be ignored unless the alternative service can be strongly
> +authenticated.  Minimum authentication requirements for HTTP over TLS are described in Section 2.1
> +of {{I-D.ietf-httpbis-alt-svc}} and Section 3.1 of {{RFC2818}}.  As noted in
> +{{I-D.ietf-httpbis-alt-svc}}, clients can impose other checks in addition to this minimum set.  For
> +instance, a client might choose to apply key pinning {{RFC7469}}.

This is the essential weirdness of this mechanism. You don't have to authenticate, but you can.


Reply to this email directly or view it on GitHub.

----==_mimepart_56de53df35b3b_5fc53fd82123529c5904dc-- From nobody Mon Mar 7 21:04:02 2016 Delivered-To: http-issues@ietfc.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.928 X-Spam-Level: X-Spam-Status: No, score=-5.928 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_16=1.092, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfc.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Mon, 07 Mar 2016 21:03:58 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1457413438; bh=tqh9zNbnG0IQjnaMXdx2AYUK+MjL3LmG4g7OuOdlH9I=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=of2po0uCs80890ed7K6bjnWODhLz/18plG1uGuQduE+nK7Rufg3fD4DXRsYbWE2za jRaw1AJyJ22XxjIPuEiyQZeU36kXcfJCDENTyJIUo/gcwvQSh0ERKY6g4RD3653j1d nKFhr64E+U12wlqlCR5Clm2aLE8Pn2Lt8zNa2sKk= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Adding `commit` member to JSON (#151) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56de5d3ecf8b4_3dc23f8fce96d2bc14948a"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Mar 2016 05:04:01 -0000 ----==_mimepart_56de5d3ecf8b4_3dc23f8fce96d2bc14948a Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit > > ~~~ example > - GET /index.html HTTP/1.1 > - Host: example.com > -~~~ > - > -~~~ example > - HTTP/1.1 200 OK > - Content-Type: text/html > - Cache-Control: max-age=600 > - Age: 30 > - Date: Thu, 1 May 2014 16:20:09 GMT > - HTTP-TLS: ma=3600 > +{ > + "origins": ["http://example.com:80", "http://www.example.com/:81"], > + "commit": "2016-03-12T12:27:00Z" I was assuming that a typical case would be just wanting to try it out by assigning a relatively short commitment period. --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/pull/151/files#r55316758 ----==_mimepart_56de5d3ecf8b4_3dc23f8fce96d2bc14948a Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

In draft-ietf-httpbis-http2-encryption.md:

>  
>  ~~~ example
> -    GET /index.html HTTP/1.1
> -    Host: example.com
> -~~~
> -
> -~~~ example
> -    HTTP/1.1 200 OK
> -    Content-Type: text/html
> -    Cache-Control: max-age=600
> -    Age: 30
> -    Date: Thu, 1 May 2014 16:20:09 GMT
> -    HTTP-TLS: ma=3600
> +{
> +  "origins": ["http://example.com:80", "http://www.example.com/:81"],
> +  "commit": "2016-03-12T12:27:00Z"

I was assuming that a typical case would be just wanting to try it out by assigning a relatively short commitment period.


Reply to this email directly or view it on GitHub.

----==_mimepart_56de5d3ecf8b4_3dc23f8fce96d2bc14948a-- From nobody Mon Mar 7 21:44:21 2016 Delivered-To: http-issues@ietfc.amsl.com X-Spam-Flag: NO X-Spam-Score: -4.942 X-Spam-Level: X-Spam-Status: No, score=-4.942 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfc.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Mon, 07 Mar 2016 21:44:17 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1457415857; bh=iUK3em256J0EKPqA8ntRrCutYrmtRWaVNVR7oRuMLQ4=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=u4azkP/M0ohKVsuYMWMh/wWJDwajDZlfisXzHoa5qLTCDflasuG5kge49gH/KKKH/ A+XYrwJzDCu0gnuznXRwbc5+6T2bW8omzvvCY4TRRFPfPJis3R0TJAdXy4140v/+NF VRzHluV8w1DooVnHY084bf5cjYP5U3S7GD8nWaRE= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Adding `commit` member to JSON (#151) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56de66b1cc98a_4a993ff08477d29c1030953"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Mar 2016 05:44:20 -0000 ----==_mimepart_56de66b1cc98a_4a993ff08477d29c1030953 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit And lo, relativism became ascendant. --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/pull/151#issuecomment-193618278 ----==_mimepart_56de66b1cc98a_4a993ff08477d29c1030953 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

And lo, relativism became ascendant.


Reply to this email directly or view it on GitHub.

----==_mimepart_56de66b1cc98a_4a993ff08477d29c1030953-- From nobody Tue Mar 8 15:26:18 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -4.961 X-Spam-Level: X-Spam-Status: No, score=-4.961 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Tue, 08 Mar 2016 15:26:13 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1457479573; bh=jm3F9CgbIbP2q9F7dA96Y5YPfPDAHoVYvrxlegpY1XI=; h=From:Reply-To:To:Subject:List-ID:List-Archive:List-Post: List-Unsubscribe:From; b=n9iNzNo53xvu4CHEsftAWSSPQsxA/zz6gjHQAoIXSg36JvF1BhVIfhI85KcJt5rT2 ZTluxXjFiIdAyipyakSt1E7okstEbRnRLqsbVMKFyDSzVDMp0V58RDaUkDwj7qDamR OVXy2d61h/467VrF7EjKwwGgXaErGcCUuBwtqJJo= To: httpwg/http-extensions Subject: [http-extensions] IANA considerations are a giant list (#154) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56df5f958b371_5bde3fea1c6c52a033673c"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Mar 2016 23:26:16 -0000 ----==_mimepart_56df5f958b371_5bde3fea1c6c52a033673c Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Which makes this section quite hard to follow. http://httpwg.org/http-extensions/client-hints.html#iana-considerations --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/154 ----==_mimepart_56df5f958b371_5bde3fea1c6c52a033673c Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Which makes this section quite hard to follow.

http://httpwg.org/http-extensions/client-hints.html#iana-considerations


Reply to this email directly or view it on GitHub.

----==_mimepart_56df5f958b371_5bde3fea1c6c52a033673c-- From nobody Tue Mar 8 15:47:39 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -4.942 X-Spam-Level: X-Spam-Status: No, score=-4.942 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Tue, 08 Mar 2016 15:47:34 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1457480854; bh=jfTdOHC1ZFzdgTtuRgGVeSAmc7gd+TdwXZhAxjv/nP8=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=iQH5f/92Fo38LwVYp4+6rK0vR6qNQ+dNGb+4ZaRRo8OVXC8lzPNhIfOUuxgs0XxXR EQVp3tQBmXqmoEJa3fxLWrqsbWD3tTQcMJJU9bUH4tl47xKPNrRtWJej83lIdN07dt fE3uxCLsOKFkG242lcA1auP1evP8IAou8aWjdrA4= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Should CH headers be treated as simple headers? (#141) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56df64965be2e_27e3f9c845ff2c01956e"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Mar 2016 23:47:37 -0000 ----==_mimepart_56df64965be2e_27e3f9c845ff2c01956e Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit I expect that some service workers might either request full versions of resources because they want to provide the full experience offline, or leaner versions so that they can save space. --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/141#issuecomment-194027889 ----==_mimepart_56df64965be2e_27e3f9c845ff2c01956e Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

I expect that some service workers might either request full versions of resources because they want to provide the full experience offline, or leaner versions so that they can save space.


Reply to this email directly or view it on GitHub.

----==_mimepart_56df64965be2e_27e3f9c845ff2c01956e-- From nobody Thu Mar 10 19:42:38 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -3.043 X-Spam-Level: X-Spam-Status: No, score=-3.043 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Thu, 10 Mar 2016 19:32:39 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1457667159; bh=UkSs5Mj/NRw7K5fmM/W8OLHTcT+JlyMFmFmGqAopFVU=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=yHGVxVQRzuaWFwThEDrS972OJ6QkN+Qi5j13vgM9MKFZtbtkz3RDxnhucoTtrrz2Z F3+QiRrJDqxvASUK0n6UGBCV7/XR6U85XX4NPvscNLncrodEke/3QHTlZt0sBAcjxb yCMg7q/Fbt46+suXYZoch//CcEn+p9m6CK0IaM7g= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Adding `commit` member to JSON (#151) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56e23c57b5549_5dc03f8646c5b2bc190732c"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Mar 2016 03:42:37 -0000 ----==_mimepart_56e23c57b5549_5dc03f8646c5b2bc190732c Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Merged #151. --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/pull/151#event-585865364 ----==_mimepart_56e23c57b5549_5dc03f8646c5b2bc190732c Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Merged #151.


Reply to this email directly or view it on GitHub.

----==_mimepart_56e23c57b5549_5dc03f8646c5b2bc190732c-- From nobody Thu Mar 10 21:55:26 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.597 X-Spam-Level: X-Spam-Status: No, score=-5.597 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_28=1.404, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Thu, 10 Mar 2016 21:55:20 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1457675720; bh=4/vDNOcNVypP2nFaoNGeFijnjARcKInjtTDWGIkMZHM=; h=From:Reply-To:To:Subject:List-ID:List-Archive:List-Post: List-Unsubscribe:From; b=2GPgTGrbJ/C4mfbFRz4cYyDrINzUYnof11RW/NdbMxnkFoT502VQ5HSgwCoQj7voj rMOqZ19mwTBwhFp8Pch73U3zMXa8U/uxR5ErV6Gtfvi9NgFjAzOFONNqugDONrjv5k ucBMl+w3sjoZekNbdV9m3F2pf7/E0i3uICVBKw0E= To: httpwg/http-extensions Subject: [http-extensions] Define `Accept-CH` more precisely (#155) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56e25dc885ed6_2d353f90cfa3529c3894c9"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Mar 2016 05:55:24 -0000 ----==_mimepart_56e25dc885ed6_2d353f90cfa3529c3894c9 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit The spec currently says that if a server sends `Accept-CH: DPR`, then the `DPR` header should be added "to all subsequent requests". However it is (as far as I can tell) completely undefined what a "subsequent request" is. Does it affect only future requests to the server which sent the `Accept-CH` header? If the header is sent with the response during a document load, does it affect all requests coming from that document, no matter which server the request goes to? Generally speaking, if a CDN which servers images has to send a `Accept-CH: DPR` header before it will receive any `DPR` headers, that means that the first image will have to be served without DPR information. This seems unfortunate since ideally the first image that a page loads is the most important image. A better solution is that when a browser loads a "document" and receives a `Accept-CH` header in the response, that header would affect all the requests that are made from that document, no matter which server the request is going to. If desired, in the future we could add more complex syntax to `Accept-CH` which enables opting in to certain CH headers only for certain servers and/or only for certain resource types. We could also add a header which enables a server to opt in to getting specific CH headers for all future requests to that same server. To for example allow an image server to opt in to certain headers even if the document-serving server has not yet adopted the `Accept-CH` header. But I'm not sure how popular such a solution would be given first-load the problem mentioned above. --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/155 ----==_mimepart_56e25dc885ed6_2d353f90cfa3529c3894c9 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

The spec currently says that if a server sends Accept-CH: DPR, then the DPR header should be added "to all subsequent requests".

However it is (as far as I can tell) completely undefined what a "subsequent request" is. Does it affect only future requests to the server which sent the Accept-CH header? If the header is sent with the response during a document load, does it affect all requests coming from that document, no matter which server the request goes to?

Generally speaking, if a CDN which servers images has to send a Accept-CH: DPR header before it will receive any DPR headers, that means that the first image will have to be served without DPR information. This seems unfortunate since ideally the first image that a page loads is the most important image.

A better solution is that when a browser loads a "document" and receives a Accept-CH header in the response, that header would affect all the requests that are made from that document, no matter which server the request is going to. If desired, in the future we could add more complex syntax to Accept-CH which enables opting in to certain CH headers only for certain servers and/or only for certain resource types.

We could also add a header which enables a server to opt in to getting specific CH headers for all future requests to that same server. To for example allow an image server to opt in to certain headers even if the document-serving server has not yet adopted the Accept-CH header. But I'm not sure how popular such a solution would be given first-load the problem mentioned above.


Reply to this email directly or view it on GitHub.

----==_mimepart_56e25dc885ed6_2d353f90cfa3529c3894c9-- From nobody Thu Mar 10 22:31:30 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.402 X-Spam-Level: X-Spam-Status: No, score=-5.402 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_24=1.618, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Thu, 10 Mar 2016 22:31:25 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1457677885; bh=ygk3x7sWUEv3NflIN5MFdfs4x0AzeTvAa9qsz2l6dIY=; h=From:Reply-To:To:Subject:List-ID:List-Archive:List-Post: List-Unsubscribe:From; b=DyqZOLlxOUeEepZalf2Wd7KnyvyJGAauyYvOJ6VZ+lnwoxC9HYLk1Kk9CLZxVG6Tc h66AKxcDioPeBrGnI2gBqs8yclstIkNCOvG1w4fsScVTguM/M5DTzZJiecs8MKL8EF U8/IhdsmwgkbSjiiN/WcC6xVyvfjClAFR5y029i4= To: httpwg/http-extensions Subject: [http-extensions] Define more precisely which CH headers are sent by default (#156) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56e2663dcc095_274c3fa0947872a07974cf"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Mar 2016 06:31:30 -0000 ----==_mimepart_56e2663dcc095_274c3fa0947872a07974cf Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit The spec currently says that clients should send CH headers "based on their default settings, user configuration and/or preferences". This needs to be more precisely defined in order to not cause interoperability problems between browsers. I know that there's a tension between not sending too much header data which is commonly not used by servers, thus wasting bandwidth, while also sending enough information that servers can optimize their responses. However leaving the decision out of the spec and up to clients, doesn't make the problem simpler, it just pushes it onto someone else. What I propose is the following: For "document" loads, i.e. when browsers make the request during navigation, send the information which is typically needed for websites to determine what markup to serve. So things that let the server choose which version of a responsive-design page to serve first. I'd think this includes things like "viewport-width", "downlink" and "save-data". (We might also want to send other information like, is the device touch-enabled, but that's a separate discussion I think). For non-"document" loads, serve no CH headers by default and instead let the "document" response opt in to which headers should be served for the non-"document" requests within that document. See also issue #155. --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/156 ----==_mimepart_56e2663dcc095_274c3fa0947872a07974cf Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

The spec currently says that clients should send CH headers "based on their default settings, user configuration and/or preferences". This needs to be more precisely defined in order to not cause interoperability problems between browsers.

I know that there's a tension between not sending too much header data which is commonly not used by servers, thus wasting bandwidth, while also sending enough information that servers can optimize their responses. However leaving the decision out of the spec and up to clients, doesn't make the problem simpler, it just pushes it onto someone else.

What I propose is the following:
For "document" loads, i.e. when browsers make the request during navigation, send the information which is typically needed for websites to determine what markup to serve. So things that let the server choose which version of a responsive-design page to serve first. I'd think this includes things like "viewport-width", "downlink" and "save-data". (We might also want to send other information like, is the device touch-enabled, but that's a separate discussion I think).

For non-"document" loads, serve no CH headers by default and instead let the "document" response opt in to which headers should be served for the non-"document" requests within that document. See also issue #155.


Reply to this email directly or view it on GitHub.

----==_mimepart_56e2663dcc095_274c3fa0947872a07974cf-- From nobody Thu Mar 10 22:35:55 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.474 X-Spam-Level: X-Spam-Status: No, score=-5.474 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_20=1.546, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Thu, 10 Mar 2016 22:35:49 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1457678149; bh=rE0qGgfaGSe3jFGc1Rl06tyVaKhzLqi+LOezUgJQGCg=; h=From:Reply-To:To:Subject:List-ID:List-Archive:List-Post: List-Unsubscribe:From; b=PgzERGkvlBIXT3Ofu535uL/BMfXR+Xivb9eEhCnxzZwb2lLd85v3BJszMhUlwSNYi Z4rKCFGvmfXOsuNZZt5xSg6NSA+aUA7FmqWSXI6cHnh+wHA7X0bI8IecUkyV2uA+VD jv/2IAkAehlbu1eDsQcFj5dKex/TSoQhoeoOu+Mw= To: httpwg/http-extensions Subject: [http-extensions] Refining the framing of the commitment (#157) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56e267457af36_5dbb3fe9d794329c11913e"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Mar 2016 06:35:53 -0000 ----==_mimepart_56e267457af36_5dbb3fe9d794329c11913e Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Second round on this one, small tweaks and a small amount of restructuring. You can view, comment on, or merge this pull request online at: https://github.com/httpwg/http-extensions/pull/157 -- Commit Summary -- * Refining the framing of the commitment -- File Changes -- M draft-ietf-httpbis-http2-encryption.md (73) -- Patch Links -- https://github.com/httpwg/http-extensions/pull/157.patch https://github.com/httpwg/http-extensions/pull/157.diff --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/pull/157 ----==_mimepart_56e267457af36_5dbb3fe9d794329c11913e Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Second round on this one, small tweaks and a small amount of restructuring.

You can view, comment on, or merge this pull request online at:

  https://github.com/httpwg/http-extensions/pull/157

Commit Summary

  • Refining the framing of the commitment

File Changes

Patch Links:


Reply to this email directly or view it on GitHub.

----==_mimepart_56e267457af36_5dbb3fe9d794329c11913e-- From nobody Thu Mar 10 22:57:14 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.474 X-Spam-Level: X-Spam-Status: No, score=-5.474 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_20=1.546, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Thu, 10 Mar 2016 22:57:09 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1457679429; bh=Yv/oKruZuD+PkwSZ9XKy9v9COZ2qPBv0BrxhvnMNpR8=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=p8Sq2nGb1O0RViNlCneLUgGe7NrF0QTX5FAAcNmeY3Xf1rfwdD3KhpBpda+GG5FSQ wHO83rSf3BPDzVYR0efefkOu+WS0hc8oPosHfDliNqLcbVV4UF9YyLQEDX5ZDKwm/w 7x06RG82wT5FxM1n0Pso9SD3qoP2INuIkC4xIp+A= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Refining the framing of the commitment (#157) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56e26c45da215_260c3fa0947872a016210f7"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Mar 2016 06:57:12 -0000 ----==_mimepart_56e26c45da215_260c3fa0947872a016210f7 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit > contacted. Effectively, this makes the choice to use a secured protocol "sticky". > > > ## Opportunistic Commitment > > -An insecure origin can commit to providing a secured alternative by including a `commit` member in > -the http-opportunistic well-known resource (see {{well-known}}), whose value is a number > -representing an interval in seconds. > +An origin can reduce the risk of attacks on opportunistically secured connections by committing to > +provide an secured, authenticated alternative service. This is done by including the optional > +`commit` member in the http-opportunistic well-known resource (see {{well-known}}). This feature is > +optional due to the requirement for server authentication and the potential risk entailed (see > +{{pinrisks}}). > + > +The value of the `commit` member is the duration of the commitment interval in seconds. Saying it's a number clarifies what JSON is expected; perhaps "JSON number [ref]" --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/pull/157/files#r55795409 ----==_mimepart_56e26c45da215_260c3fa0947872a016210f7 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

In draft-ietf-httpbis-http2-encryption.md:

>  contacted. Effectively, this makes the choice to use a secured protocol "sticky".
>  
>  
>  ## Opportunistic Commitment
>  
> -An insecure origin can commit to providing a secured alternative by including a `commit` member in
> -the http-opportunistic well-known resource (see {{well-known}}), whose value is a number
> -representing an interval in seconds.
> +An origin can reduce the risk of attacks on opportunistically secured connections by committing to
> +provide an secured, authenticated alternative service. This is done by including the optional
> +`commit` member in the http-opportunistic well-known resource (see {{well-known}}). This feature is
> +optional due to the requirement for server authentication and the potential risk entailed (see
> +{{pinrisks}}).
> +
> +The value of the `commit` member is the duration of the commitment interval in seconds.

Saying it's a number clarifies what JSON is expected; perhaps "JSON number [ref]"


Reply to this email directly or view it on GitHub.

----==_mimepart_56e26c45da215_260c3fa0947872a016210f7-- From nobody Thu Mar 10 22:58:12 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.909 X-Spam-Level: X-Spam-Status: No, score=-5.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_16=1.092, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Thu, 10 Mar 2016 22:58:08 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1457679489; bh=sn5xPvkiusH9qph2HTrCp0xztZNo9kFkhpOZqYXVWMM=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=TRnqxJSe67LE8djdrDXkaK16sgTdMMifj7IY9zB7JDl70qhjYvyYd+GPsl8PdsJcX l+2L/PZgKzI+ZSkSl0WbhPYVgSiBCURpiQG7HLBu7YHhODjbSU80J5vPwwcNP/zdjR yYZx8084P3SpgyXfrWL9/btoHZbvyCsJj7920TiA= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Refining the framing of the commitment (#157) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56e26c80e8c32_e823f90cfa3529c16293fb"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Mar 2016 06:58:11 -0000 ----==_mimepart_56e26c80e8c32_e823f90cfa3529c16293fb Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit > > The value of the `commit` member MUST be ignored unless the alternative service can be strongly > -authenticated. Minimum authentication requirements for HTTP over TLS are described in Section 2.1 > -of {{I-D.ietf-httpbis-alt-svc}} and Section 3.1 of {{RFC2818}}. As noted in > -{{I-D.ietf-httpbis-alt-svc}}, clients can impose other checks in addition to this minimum set. For > +authenticated. The same requirements that apply to `https://` resources SHOULD be applied to I'm concerned that this is going to confuse people -- *which* same requirements? --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/pull/157/files#r55795466 ----==_mimepart_56e26c80e8c32_e823f90cfa3529c16293fb Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

In draft-ietf-httpbis-http2-encryption.md:

>  
>  The value of the `commit` member MUST be ignored unless the alternative service can be strongly
> -authenticated.  Minimum authentication requirements for HTTP over TLS are described in Section 2.1
> -of {{I-D.ietf-httpbis-alt-svc}} and Section 3.1 of {{RFC2818}}.  As noted in
> -{{I-D.ietf-httpbis-alt-svc}}, clients can impose other checks in addition to this minimum set.  For
> +authenticated. The same requirements that apply to `https://` resources SHOULD be applied to

I'm concerned that this is going to confuse people -- which same requirements?


Reply to this email directly or view it on GitHub.

----==_mimepart_56e26c80e8c32_e823f90cfa3529c16293fb-- From nobody Thu Mar 10 22:59:55 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.383 X-Spam-Level: X-Spam-Status: No, score=-5.383 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_24=1.618, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Thu, 10 Mar 2016 22:59:51 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1457679591; bh=HD6nof5lsYXr6Z8HwEhELosyYmpwKFtasURTMdUU2e8=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=wCzYGk49I7i4X5YE92AEmJuQd7pkjtC+ljXnP6KoeiEcciIiEQBQSckj2zJMrmcaA oj7aq3kU2Bq1fLyPQkD2RIBQL3wPzeXw2y4cjwXx3l5ixCJxSadCneGtl0jmQmIhev 9ldxaQCLC5+HLiDiscfXQN670MvVxbMhjeUg6i7w= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Refining the framing of the commitment (#157) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56e26ce72c7c2_5dbb3fe9d794329c18218fd"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Mar 2016 06:59:54 -0000 ----==_mimepart_56e26ce72c7c2_5dbb3fe9d794329c18218fd Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit > instance, a client might choose to apply key pinning {{RFC7469}}. > > -If a client is able to obtain a valid http-opportunistic resource (as per {{well-known}}) > -containing a `commit` member and a strongly authenticated alternative service is available, it can > -assume that such an alternative will remain available for the indicated number of seconds past the > -current time, less the current age of the http-opportunistic response (as defined in Section 4.2.3 > -of {{RFC7234}}). A client SHOULD NOT fall back to cleartext protocols prior to that interval > -elapsing. Note however that relying on a commitment creates some potential operational hazards (see > -{{pinrisks}}). > +A client that receives a commitment and that successfully authenticates the alternative service can > +assume that a secured alternative will remain available for the commitment interval. The commitment > +interval starts when the commitment is received and authenticated and runs for a number of seconds > +equal to value of the `commit` member, less the current age of the http-opportunistic response (as > +defined in Section 4.2.3 of {{RFC7234}}. A client SHOULD avoid sending requests via cleartext missing ) --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/pull/157/files#r55795575 ----==_mimepart_56e26ce72c7c2_5dbb3fe9d794329c18218fd Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

In draft-ietf-httpbis-http2-encryption.md:

>  instance, a client might choose to apply key pinning {{RFC7469}}.
>  
> -If a client is able to obtain a valid http-opportunistic resource (as per {{well-known}})
> -containing a `commit` member and a strongly authenticated alternative service is available, it can
> -assume that such an alternative will remain available for the indicated number of seconds past the
> -current time, less the current age of the http-opportunistic response (as defined in Section 4.2.3
> -of {{RFC7234}}). A client SHOULD NOT fall back to cleartext protocols prior to that interval
> -elapsing. Note however that relying on a commitment creates some potential operational hazards (see
> -{{pinrisks}}).
> +A client that receives a commitment and that successfully authenticates the alternative service can
> +assume that a secured alternative will remain available for the commitment interval. The commitment
> +interval starts when the commitment is received and authenticated and runs for a number of seconds
> +equal to value of the `commit` member, less the current age of the http-opportunistic response (as
> +defined in Section 4.2.3 of {{RFC7234}}. A client SHOULD avoid sending requests via cleartext

missing )


Reply to this email directly or view it on GitHub.

----==_mimepart_56e26ce72c7c2_5dbb3fe9d794329c18218fd-- From nobody Sun Mar 13 16:43:02 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -2.242 X-Spam-Level: X-Spam-Status: No, score=-2.242 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Sun, 13 Mar 2016 16:42:51 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1457912571; bh=uYy8aDjhNqMqoE1CUWa4uJ8rQpm0Oo3apqDu/Bdv2l8=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=jGYsdYQqObwkqPFgI6VJx/KqL5i1AQ6KG1soVGL6DWnkZ5uIf0TL1caS0YZhDQlry 3W0MtV8UXanUJurB9jQH6YTawJo4O9z05LzTRgDw+iY8ZwFsNZQH858NqQPS3yqpNp G7AUNvtez5zr0msam5/Rcg7fWIc8GLAR31MSDrSE= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Refining the framing of the commitment (#157) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56e5fafbc1ef_350b3fd2d91eb2c0403722"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Mar 2016 23:43:01 -0000 ----==_mimepart_56e5fafbc1ef_350b3fd2d91eb2c0403722 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Merged #157. --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/pull/157#event-588043398 ----==_mimepart_56e5fafbc1ef_350b3fd2d91eb2c0403722 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Merged #157.


Reply to this email directly or view it on GitHub.

----==_mimepart_56e5fafbc1ef_350b3fd2d91eb2c0403722-- From nobody Sun Mar 13 21:25:55 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.383 X-Spam-Level: X-Spam-Status: No, score=-5.383 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_24=1.618, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Sun, 13 Mar 2016 21:25:49 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1457929549; bh=sfLnOaYm5t+bd1DTz3sZFhCSJtWAMqWYHCqKQg6gTV4=; h=From:Reply-To:To:Subject:List-ID:List-Archive:List-Post: List-Unsubscribe:From; b=sM4S+EVEV8TA/jOIM3LNcvOPzP6lt/HioIDQNrtqV805uDPOGfCO2UxZYWU2j3m6r WOsfAgsEoadXE0mvRb+52rwRIRrsEPM9PXaQjkksRuMCW/4CR4N3NIbT+qVJFtmS8U x/RuRMNwGkugqGmQZWD4WXeOM7B3VDQtjQInoBwQ= To: httpwg/http-extensions Subject: [http-extensions] Updated encryption examples (#158) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56e63d4d2c250_715b3f8eeb7832a0963990"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Mar 2016 04:25:54 -0000 ----==_mimepart_56e63d4d2c250_715b3f8eeb7832a0963990 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Thanks to @beverloo for identifying the bug in my code that caused this to take so long. You can view, comment on, or merge this pull request online at: https://github.com/httpwg/http-extensions/pull/158 -- Commit Summary -- * Indent * Include label in the list * Adding leading explanation * Making compress+encrypt example slightly more plausible * Moving explanation up front, fixing length * Fixing explicit key example * Adding example with multiple records * Adding example with authentication secret * Fixing JWE example -- File Changes -- M draft-ietf-httpbis-encryption-encoding.md (104) -- Patch Links -- https://github.com/httpwg/http-extensions/pull/158.patch https://github.com/httpwg/http-extensions/pull/158.diff --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/pull/158 ----==_mimepart_56e63d4d2c250_715b3f8eeb7832a0963990 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Thanks to @beverloo for identifying the bug in my code that caused this to take so long.

You can view, comment on, or merge this pull request online at:

  https://github.com/httpwg/http-extensions/pull/158

Commit Summary

  • Indent
  • Include label in the list
  • Adding leading explanation
  • Making compress+encrypt example slightly more plausible
  • Moving explanation up front, fixing length
  • Fixing explicit key example
  • Adding example with multiple records
  • Adding example with authentication secret
  • Fixing JWE example

File Changes

Patch Links:


Reply to this email directly or view it on GitHub.

----==_mimepart_56e63d4d2c250_715b3f8eeb7832a0963990-- From nobody Mon Mar 14 16:45:31 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.909 X-Spam-Level: X-Spam-Status: No, score=-5.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_16=1.092, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Mon, 14 Mar 2016 16:45:27 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1457999127; bh=n+S0ZSGcCnadxrkRkfJEDJRfatlvyZpobagjScXXHEo=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=HfE8tICVHNCVEaddy28t+PNH3/zS+Lo9zlFm5enVE/bfunmKAk2ng6vVgr9mYuztt 3Fq+cieRZgKNLsrveZqG+mR6RSiFRmYoZp+f5dms/5Mr8NBQyaY4FRGYoJOis4PsOv xW+roTbAPkwxzM1lbj8Z1ZusLBuueCNM5IAz68/Y= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Updated encryption examples (#158) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56e74d1748f8f_1ff83ff62f8052b824064"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Mar 2016 23:45:30 -0000 ----==_mimepart_56e74d1748f8f_1ff83ff62f8052b824064 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit > @@ -359,13 +359,13 @@ header field. > > aesgcm: > > -: The "aesgcm" parameter contains the URL-safe base64 [RFC4648] octets of the > -input keying material. > +: The "aesgcm" parameter contains the URL and filename safe base64 [RFC4648] > + octets of the input keying material with padding removed. Well, it turns out that '=' is an invalid character unless you quote the string. I think that we should be strict here. I believe that Firefox is, but I could be wrong about that. --- Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/pull/158/files#r56095628 ----==_mimepart_56e74d1748f8f_1ff83ff62f8052b824064 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

In draft-ietf-httpbis-encryption-encoding.md:

> @@ -359,13 +359,13 @@ header field.
>  
>  aesgcm:
>  
> -: The "aesgcm" parameter contains the URL-safe base64 [RFC4648] octets of the
> -input keying material.
> +: The "aesgcm" parameter contains the URL and filename safe base64 [RFC4648]
> +  octets of the input keying material with padding removed.

Well, it turns out that '=' is an invalid character unless you quote the string. I think that we should be strict here. I believe that Firefox is, but I could be wrong about that.


Reply to this email directly or view it on GitHub.

----==_mimepart_56e74d1748f8f_1ff83ff62f8052b824064-- From nobody Tue Mar 15 06:18:03 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.909 X-Spam-Level: X-Spam-Status: No, score=-5.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_16=1.092, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Tue, 15 Mar 2016 06:17:44 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1458047864; bh=TRH5WP1TWAT3TzZXjkwM9om4NCTOX+g9hmRlW/k+nxA=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=0V4lcZmAOlToXe7Tv8HQkfpuDlbIvVXYHISKEo1KZJ8yRZIKrDPzzOv0EjQfk+ogl XcKEDTHDy/sQ8HkFuBY4bFH40gF8RMuY2WIl93yefMRy8wE6a0YH8dmvSoM0TdubaY 6JLf+ilRsy433ASBDJA9xBHjuyRnmwWi7XVqxShw= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Updated encryption examples (#158) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56e80b78bb3f5_24413fab2df552b8980c2"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Mar 2016 13:18:02 -0000 ----==_mimepart_56e80b78bb3f5_24413fab2df552b8980c2 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit > @@ -359,13 +359,13 @@ header field. > > aesgcm: > > -: The "aesgcm" parameter contains the URL-safe base64 [RFC4648] octets of the > -input keying material. > +: The "aesgcm" parameter contains the URL and filename safe base64 [RFC4648] > + octets of the input keying material with padding removed. I'll change Chrome to play ball then. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/pull/158/files#r56160068 ----==_mimepart_56e80b78bb3f5_24413fab2df552b8980c2 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

In draft-ietf-httpbis-encryption-encoding.md:

> @@ -359,13 +359,13 @@ header field.
>  
>  aesgcm:
>  
> -: The "aesgcm" parameter contains the URL-safe base64 [RFC4648] octets of the
> -input keying material.
> +: The "aesgcm" parameter contains the URL and filename safe base64 [RFC4648]
> +  octets of the input keying material with padding removed.

I'll change Chrome to play ball then.


You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/httpwg/http-extensions/pull/158/files#r56160068

----==_mimepart_56e80b78bb3f5_24413fab2df552b8980c2-- From nobody Tue Mar 15 06:18:25 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.455 X-Spam-Level: X-Spam-Status: No, score=-5.455 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_20=1.546, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Tue, 15 Mar 2016 06:18:20 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1458047900; bh=kt++CK3D6alTQIqyj/K3wZQcbLzf4Tm3IrI+oJShGE0=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=1DLROPnU13GKcOedzXMm2S+2BhG74moYVTK3RF9zeUjQ6kYD6R05MkHDJ6/h46ujr /SL1rtvFQY1lS0+UPP1yaNsSNmgQhRDAJX1hf1Pw0r+76Qqps44Fol7VzXD5t8bxT1 fGlelE1kqlzgkM6JNTlET4xAMHTG+ldjxbLdOkYs= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Updated encryption examples (#158) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56e80b9c2119a_62ba3ff425e1329c154674"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Mar 2016 13:18:24 -0000 ----==_mimepart_56e80b9c2119a_62ba3ff425e1329c154674 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit > @@ -598,6 +629,28 @@ added for presentation purposes only. > ~~~ > > > +## Diffie-Hellman with Authentication Secret {#ex-authSecret} > + > +This example shows the same receiver key pair from {{ex-dh}}, but with a shared > +authentication secret of "R29vIGdvbyBnJyBqb29iIQ". > + > +~~~ > +HTTP/1.1 200 OK > +Content-Length: 33 > +Content-Encoding: aesgcm > +Encryption: keyid="dhkey"; salt="lngarbyKfMoi9Z75xYXmkg" > +Crypto-Key: keyid="dhkey"; > + dh="BNoRDbb84JGm8g5Z5CFxurSqsXWJ11ItfXEWYVLE85Y7 > + CYkDjXsIEc4aqxYaQ1G8BqkXCJ6DPpDrWtdWj_mugHU" > + > +6nqAQUME8hNqw5J3kl8cpVVJylXKYqZOeseZG8UueKpA Confirmed! Thanks. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/pull/158/files#r56160125 ----==_mimepart_56e80b9c2119a_62ba3ff425e1329c154674 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

In draft-ietf-httpbis-encryption-encoding.md:

> @@ -598,6 +629,28 @@ added for presentation purposes only.
>  ~~~
>  
>  
> +## Diffie-Hellman with Authentication Secret {#ex-authSecret}
> +
> +This example shows the same receiver key pair from {{ex-dh}}, but with a shared
> +authentication secret of "R29vIGdvbyBnJyBqb29iIQ".
> +
> +~~~
> +HTTP/1.1 200 OK
> +Content-Length: 33
> +Content-Encoding: aesgcm
> +Encryption: keyid="dhkey"; salt="lngarbyKfMoi9Z75xYXmkg"
> +Crypto-Key: keyid="dhkey";
> +                dh="BNoRDbb84JGm8g5Z5CFxurSqsXWJ11ItfXEWYVLE85Y7
> +                    CYkDjXsIEc4aqxYaQ1G8BqkXCJ6DPpDrWtdWj_mugHU"
> +
> +6nqAQUME8hNqw5J3kl8cpVVJylXKYqZOeseZG8UueKpA

Confirmed! Thanks.


You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/httpwg/http-extensions/pull/158/files#r56160125

----==_mimepart_56e80b9c2119a_62ba3ff425e1329c154674-- From nobody Tue Mar 15 07:27:05 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.455 X-Spam-Level: X-Spam-Status: No, score=-5.455 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_20=1.546, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Tue, 15 Mar 2016 07:26:32 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1458051992; bh=AU9bYntWuW88e4JXB2BypFX/Yyu3s3F/y521kKxGbvw=; h=From:Reply-To:To:Subject:List-ID:List-Archive:List-Post: List-Unsubscribe:From; b=uZioIJYKhf3fXrj3lSxdF0CqY5ZncNENcbUsakwczor+6hp8Y/laTrN6EQgwuDEwY 0Oqnm+3aHBV5+hg9fTi9pam/34TtjoB42uc3IJ6wJXGuc00+GLBHtvK60GyDql6vpM 3dTNONITtqDqYKQfCG3oizoOEkwheas1SFrzoXkE= To: httpwg/http-extensions Subject: [http-extensions] Allow cookies without key or value. (#159) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56e81b98b967d_2d003fb8af6e92c0454613"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Mar 2016 14:27:03 -0000 ----==_mimepart_56e81b98b967d_2d003fb8af6e92c0454613 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit As a part of discussion in whatwg/html#804 I've made a [research](http://inikulin.github.io/cookie-compat/) of the modern browsers compatibility with the RFC 6265. It appears that all browsers nowadays allows cookies without key or (in case of Safari) without value, thus making it de facto standard. However, it's debatable how cookies like `foo;` should be treated: as the cookie without value or without key. Thinking of cookie jar as some kind of key/value store makes it more logical to treat such cookie as cookies without value, but on the other hand currently most implementers treats them as the cookies with the special empty key. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/159 ----==_mimepart_56e81b98b967d_2d003fb8af6e92c0454613 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

As a part of discussion in whatwg/html#804 I've made a research of the modern browsers compatibility with the RFC 6265. It appears that all browsers nowadays allows cookies without key or (in case of Safari) without value, thus making it de facto standard. However, it's debatable how cookies like foo; should be treated: as the cookie without value or without key. Thinking of cookie jar as some kind of key/value store makes it more logical to treat such cookie as cookies without value, but on the other hand currently most implementers treats them as the cookies with the special empty key.


You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/httpwg/http-extensions/issues/159

----==_mimepart_56e81b98b967d_2d003fb8af6e92c0454613-- From nobody Wed Mar 16 17:54:28 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -3.062 X-Spam-Level: X-Spam-Status: No, score=-3.062 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Wed, 16 Mar 2016 17:54:24 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1458176064; bh=N8tUenHfdyNiRvrTRA7tpAWwb9eBoVu4m2/WbbsjfIg=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=SU15Q5zb9tmsvN+P2QeXfp8jf9C1d/VgvZ8BqGzGenNuxD7CORZYBfZtjRI+h03X/ IVaWG3x9gQ9/FcAqmje8IgDEBUAdWP9wKdxHUxW8vvg18cYT6oSv5CfQQ40u785DIU IllaTexfP8YoJ/BjDuDiBkEE/Z1OmTtEZKVVhtzg= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Wrap at 100 (#152) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56ea0040c0a97_6d273f9b81eed2a0975ae"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Mar 2016 00:54:27 -0000 ----==_mimepart_56ea0040c0a97_6d273f9b81eed2a0975ae Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Merged #152. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/pull/152#event-592729088 ----==_mimepart_56ea0040c0a97_6d273f9b81eed2a0975ae Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Merged #152.


You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub

----==_mimepart_56ea0040c0a97_6d273f9b81eed2a0975ae-- From nobody Wed Mar 16 17:57:19 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -4.942 X-Spam-Level: X-Spam-Status: No, score=-4.942 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Wed, 16 Mar 2016 17:57:14 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1458176235; bh=uQXKdAnFp72fcBzE+WLqc/I0COAMGoJl456LlvdOs7M=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=arTQ1tyvvtFzmG9bVwoxODnz++ntVL07CuoaDUW5SqDb5v8cMEPXBIoiR1sda+poX rUEQKutjeLfszNxwmtgcGmviJbdugBrpCqBnWoJ9G3ZWNNHUUn5YwvjZKhCXRTgwlC Z/0vjYutkIgyzejJAL/2QNRBi2r9ph3JcfXk+8mY= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Updated encryption examples (#158) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56ea00eaea659_26d73fb1be12b2b8376651"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Mar 2016 00:57:17 -0000 ----==_mimepart_56ea00eaea659_26d73fb1be12b2b8376651 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Merged manually --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/pull/158#issuecomment-197626565 ----==_mimepart_56ea00eaea659_26d73fb1be12b2b8376651 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Merged manually


You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub

----==_mimepart_56ea00eaea659_26d73fb1be12b2b8376651-- From nobody Wed Mar 16 17:57:24 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -4.942 X-Spam-Level: X-Spam-Status: No, score=-4.942 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Wed, 16 Mar 2016 17:57:15 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1458176235; bh=72EbmWi8OHlYCtkMIwTLj8ZCvYuZFIQMipSYtloq2D0=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=kRfuwh2QYKhwgmDG4K9INPo5zd2CTfqB5S4VXb40Mq9Xru3Y2mnkcOon/c6CiENPy TItjI33rGi+op9EL0MG+NpFdXcvNT88ipKxkDeUOCbUTxdiCDVLt5XHpBeBCH5fGc4 GS10PCKPpYi7euo4HWHYIjoa9jtTSBUGpCY+5N+c= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Updated encryption examples (#158) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56ea00ebb6963_79af3f977695f2c0484695"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Mar 2016 00:57:18 -0000 ----==_mimepart_56ea00ebb6963_79af3f977695f2c0484695 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Closed #158. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/pull/158#event-592731027 ----==_mimepart_56ea00ebb6963_79af3f977695f2c0484695 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Closed #158.


You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub

----==_mimepart_56ea00ebb6963_79af3f977695f2c0484695-- From nobody Wed Mar 16 18:06:48 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -4.961 X-Spam-Level: X-Spam-Status: No, score=-4.961 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Wed, 16 Mar 2016 18:06:31 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1458176791; bh=xQvyXXjBxW6UsihObm6/oqoHGhptKx+GVjJam82uVvA=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=aLzAuwwVpprdFhCrNoWNFHJydffkm2GOLBmBj8FhIaqQUmr3sGm4lkxklVV+JhJTh qQV3warhwvQECvhh1T3AYZdkz78LfRARMngcqdgCqGPTtkYvN3D30wSQ0eKNpmFzjQ bKOWGqsO2NUJ4hnO4G2FKVttU9YmTJKvq1WlfZUU= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Attacks from same host (#144) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56ea03172082c_728e3f954b68129c457b9"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Mar 2016 01:06:47 -0000 ----==_mimepart_56ea03172082c_728e3f954b68129c457b9 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Closing as per on-list discussion; there doesn't seem to be much interest in solving this problem. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/144#issuecomment-197630706 ----==_mimepart_56ea03172082c_728e3f954b68129c457b9 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Closing as per on-list discussion; there doesn't seem to be much interest in solving this problem.


You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub

----==_mimepart_56ea03172082c_728e3f954b68129c457b9-- From nobody Wed Mar 16 18:06:50 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -4.961 X-Spam-Level: X-Spam-Status: No, score=-4.961 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Wed, 16 Mar 2016 18:06:31 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1458176791; bh=acnfEWblc0jpMsFXNEe9sWhZIqdG6p9eDkWmjpMKau4=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=dZZTBCWgFvtKZlYGk5Nbt2XZsMb9xxuLaXlIw2hHKH3w80sbvYwlnwTyLK4xTUfvT 5DzQjCumuCLlJIzLc4QTOrt+NzTN0sRUsHUPfXCb21gqCYPnZuKavBrJUIEVtmIy33 PXd6vUYQhrSS8CCjAi0noyBV8a5GU1f1SPPedV84= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Attacks from same host (#144) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56ea03177e116_6a463f954b68129c248167"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Mar 2016 01:06:47 -0000 ----==_mimepart_56ea03177e116_6a463f954b68129c248167 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Closed #144. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/144#event-592739499 ----==_mimepart_56ea03177e116_6a463f954b68129c248167 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Closed #144.


You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub

----==_mimepart_56ea03177e116_6a463f954b68129c248167-- From nobody Wed Mar 16 18:06:59 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -4.942 X-Spam-Level: X-Spam-Status: No, score=-4.942 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Wed, 16 Mar 2016 18:06:54 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1458176814; bh=OiP6/wr0+E+N5Za0PmF2M7tJH2ig9Y29nFIcf09cmPA=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=2Sd9YVfaYyj5p9nXh9F8TqSjDz5E+4tj2duOIDUxseTnaf6JrqVCAF0zj6Qo7armO Q66udoa+gwqrt/ZjSkCPAumFAK8DwnnN9EN7CWNqEVcl18mOwS6p8OkSHnLqhKKtQa rcixAMfRZxyTordscCXiJpxrRtZutBRBybxrCsgY= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Requiring Use of TLS (#145) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56ea032e5abb1_7bf23fec1f6ef2bc1131ed"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Mar 2016 01:06:57 -0000 ----==_mimepart_56ea032e5abb1_7bf23fec1f6ef2bc1131ed Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Replaced by .well-known mechanism. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/145#issuecomment-197631025 ----==_mimepart_56ea032e5abb1_7bf23fec1f6ef2bc1131ed Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Replaced by .well-known mechanism.


You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub

----==_mimepart_56ea032e5abb1_7bf23fec1f6ef2bc1131ed-- From nobody Wed Mar 16 18:07:20 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -4.942 X-Spam-Level: X-Spam-Status: No, score=-4.942 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Wed, 16 Mar 2016 18:07:17 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1458176837; bh=KiPeP7MK8aeHjGpVwER7OZ+g7A5Bne/tkr9+1uBDMqk=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=kALx+j5Y3Epr0bgOZsEVoaSSHWou9RTqkFndm/ulljV4EgrL22khYzFwg+Us2B0Y+ aoYGJKZc4FGb56RLinYtlq0AtR8QfEu7B/wDXJpGXiM3PAVHV5TDWdOGA5BI69u/tP kH1o6as7OQfQnIKebz6EM8mXj4haqIjmv9EAi2Xw= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] opp-sec: needs to reference RFC 5234, and needs to define "parameter" ABNF (#67) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56ea03458bc7e_78563fe37a7e929c38757"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Mar 2016 01:07:20 -0000 ----==_mimepart_56ea03458bc7e_78563fe37a7e929c38757 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Header is gone. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/67#issuecomment-197631346 ----==_mimepart_56ea03458bc7e_78563fe37a7e929c38757 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Header is gone.


You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub

----==_mimepart_56ea03458bc7e_78563fe37a7e929c38757-- From nobody Wed Mar 16 18:07:26 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -4.942 X-Spam-Level: X-Spam-Status: No, score=-4.942 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Wed, 16 Mar 2016 18:07:19 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1458176839; bh=UB0c9hxokfckN8dypMt4rC+fm4+vrCoHJjjn7JPJj44=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=eFlARPHEpScW7frDmmY76v7uuo+pjZcX0rFdyYuEMIoj3hge4OPU/+btXFDm+fygn ZiK2TcobsVYnF96k/wyA8v6oXLjHr76lf0lTj8W5ApQkdrmFPVRHYO11dojsvXyZeG S8j/RCqFkGrzFo0I4WZJwOghdrhQ9yzUb7ds75N8= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] opp-sec: needs to reference RFC 5234, and needs to define "parameter" ABNF (#67) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56ea03472dfad_6a323f954b68129c196048"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Mar 2016 01:07:21 -0000 ----==_mimepart_56ea03472dfad_6a323f954b68129c196048 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Closed #67. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/67#event-592740726 ----==_mimepart_56ea03472dfad_6a323f954b68129c196048 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Closed #67.


You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub

----==_mimepart_56ea03472dfad_6a323f954b68129c196048-- From nobody Fri Mar 18 15:36:02 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.928 X-Spam-Level: X-Spam-Status: No, score=-5.928 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_16=1.092, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Fri, 18 Mar 2016 15:35:57 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1458340557; bh=GScEfdkvAyXw3HtUAagGcjeu9VF+973dTTd8XHDFlTI=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=qSy0Y5lrA4NdTDYww+bzrgiW98Y7YCNNdVdQ0cBa3Hq5uLGwcLNQOz/iAAmXn3Vqn H3VzRQZTkGMfWBiAtlo99UfLIPPc6b7jgiAAlLWf59rMrX3VvDP4sdIRyII86zp5Ae s2jnr/Kvj4yUmkfheZNmVt1X6G05kZFXvppSzFmE= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Commit without same-host opt-in (#160) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56ec82cddc04b_61e23fee8fcdf2b8720bb"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Mar 2016 22:36:01 -0000 ----==_mimepart_56ec82cddc04b_61e23fee8fcdf2b8720bb Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit There's a fair bit of overlap with #161 -- likely the same ultimate text change to resolve -- but I think the points are slightly different. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/160#issuecomment-198568136 ----==_mimepart_56ec82cddc04b_61e23fee8fcdf2b8720bb Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

There's a fair bit of overlap with #161 -- likely the same ultimate text change to resolve -- but I think the points are slightly different.


You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub

----==_mimepart_56ec82cddc04b_61e23fee8fcdf2b8720bb-- From nobody Mon Mar 21 17:35:37 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -4.961 X-Spam-Level: X-Spam-Status: No, score=-4.961 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Mon, 21 Mar 2016 17:35:02 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1458606902; bh=W0OKzs7l7CysYlqBVb7iTK/UCRpRrUyjcEIe+2BFcTg=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=FFvNnCp6rg8PhUNEt35rG4zfkx2fGPeFeDuAJHHlRYnREo3rn2I1c6C09roBsADMt 3gZPZb20+DR08WNd7CmOV/aHRVbxNehV5eipaaKrXVlmnZ5DMgaQlFIf3sQbWc1E/5 11kVDlOi8UkK3tR5FclQhNswdUuTk5btHxZJwNoM= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] "Original-Content-Length" to indicate data savings (#140) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56f0933611db1_9593fc4156d329c100154"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Mar 2016 00:35:27 -0000 ----==_mimepart_56f0933611db1_9593fc4156d329c100154 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Not hearing a strong demand for this. Closing. We can reopen if and when that changes. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/140#issuecomment-199560044 ----==_mimepart_56f0933611db1_9593fc4156d329c100154 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Not hearing a strong demand for this. Closing. We can reopen if and when that changes.


You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub

----==_mimepart_56f0933611db1_9593fc4156d329c100154-- From nobody Mon Mar 21 22:04:23 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.909 X-Spam-Level: X-Spam-Status: No, score=-5.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_16=1.092, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Mon, 21 Mar 2016 22:04:20 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1458623060; bh=k+Mk5neH3MJ8cZ9sEEMlgitDOamxKwLDxHMGHP95nt0=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=bgsqkQoU/KuFePshqW8VLtfep8c9GGWLwpHMTWdGICta8E/L2znLQD9sXptq7QAJf cZI8yASZaMwt1TGu06hUnTtI3OQuz4qD/3eDYr9czDY8ikcfVkNds2W+L/3hCDHBvA Zewt2hXlV8fOYcurCIVnpytg4ODRoLNfwd8/iLw4= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Network Information API needs citation (#153) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56f0d25428ec6_700f3fec8c8eb29c7517a2"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Mar 2016 05:04:22 -0000 ----==_mimepart_56f0d25428ec6_700f3fec8c8eb29c7517a2 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Closed #153 via a1f0946b55c1924ac5afa4eb59a0fd600ea06980. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/153#event-598183326 ----==_mimepart_56f0d25428ec6_700f3fec8c8eb29c7517a2 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Closed #153 via a1f0946.


You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub

----==_mimepart_56f0d25428ec6_700f3fec8c8eb29c7517a2-- From nobody Mon Mar 21 22:04:58 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -4.942 X-Spam-Level: X-Spam-Status: No, score=-4.942 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Mon, 21 Mar 2016 22:04:54 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1458623094; bh=BdMpNSiUSMb+FaBHR4xnWmrFCA4EC3VMdqXcofMFynI=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=SzTmjM1lFAe7gfdYNN0PD9TUZAr5d3omfg6+v6o74y8cO6hZA/HEKi4ICg9csgdHn es/1vPwk9xrwcxXLqqiKyKZtStoBL1aRcB+hNS9EDuZgW/Oecj/KoOEmEXS09Zhc46 mNoK8eNvSUcj84rZQ5uM8xybppznqa1uQDeC+Zcs= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] IANA considerations are a giant list (#154) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56f0d2761fd94_1d393fba5decb2b811898b"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Mar 2016 05:04:56 -0000 ----==_mimepart_56f0d2761fd94_1d393fba5decb2b811898b Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Closed #154. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/154#event-598183605 ----==_mimepart_56f0d2761fd94_1d393fba5decb2b811898b Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Closed #154.


You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub

----==_mimepart_56f0d2761fd94_1d393fba5decb2b811898b-- From nobody Tue Mar 22 12:12:36 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.383 X-Spam-Level: X-Spam-Status: No, score=-5.383 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_24=1.618, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Tue, 22 Mar 2016 12:12:24 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1458673944; bh=pSu7kqwofBU96iE7UuutNMArWQ2vtnDqtvxxa+RklpU=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=NyF9VwjFj/Ptjn6mx/RGBoN3FWYyRRHrXfoP/eVX7+G/AQJ0I91OWLIgPwL6Jy18q 0xaKOJm7YQ6eUfTZl00v+mpY4DF1eYLPpQuP2wT0ZirNFnSfIw+V7l7k/MIy8y0Yc/ yguylV+T3BYPD5hzZsJMQ/tVJDuKME5vtfw2BKpI= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Support "Or" operator (#104) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56f19918d5c44_76fd3ffad16152b81950f2"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Mar 2016 19:12:35 -0000 ----==_mimepart_56f19918d5c44_76fd3ffad16152b81950f2 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit @mnot in https://github.com/httpwg/http-extensions/issues/104#issuecomment-187447282, I thought we were referring to the case of "orthogonal hints" (https://github.com/httpwg/http-extensions/issues/104#issuecomment-161842062). FWIW, I do think the earlier suggestion of substr (in https://github.com/httpwg/http-extensions/issues/104#issuecomment-157212831) is something we should support, as I've heard many requests for this -- e.g. the user-agent case, cookies, etc. That said, perhaps we should open a separate bug for that? --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/104#issuecomment-199969747 ----==_mimepart_56f19918d5c44_76fd3ffad16152b81950f2 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

@mnot in #104 (comment), I thought we were referring to the case of "orthogonal hints" (#104 (comment)). FWIW, I do think the earlier suggestion of substr (in #104 (comment)) is something we should support, as I've heard many requests for this -- e.g. the user-agent case, cookies, etc. That said, perhaps we should open a separate bug for that?


You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub

----==_mimepart_56f19918d5c44_76fd3ffad16152b81950f2-- From nobody Tue Mar 22 14:50:00 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -4.961 X-Spam-Level: X-Spam-Status: No, score=-4.961 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Tue, 22 Mar 2016 14:49:48 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1458683388; bh=tWCzX2PeTwyneHj33pzkZzFhJ6/HlbCf4sEhNbrXlyg=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=gRGWR+86TI16g5MrEJQXCRYT3SSNtjmEMRNWNXA6gYvP4CTx9KLFd0iAtD1+u5xha 2rcJxt2XzpsN4X9AFkRYV86YvTpVU0jqgq/z5ziiVt/3WPh8vHvGecSFF1iI9WskLP /Wy8XDvrvLT1xJEbaR8HLbXLn7FXByhDFNBznZpY= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Define more precisely which CH headers are sent by default (#156) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56f1bdfc16739_f763f91577992bc366683"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Mar 2016 21:49:58 -0000 ----==_mimepart_56f1bdfc16739_f763f91577992bc366683 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Yes, that seems like a good approach. And yes, CH needs to define how to parse and set the "client hints policy". Or at least some spec needs to before CH is implementable. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/156#issuecomment-200045915 ----==_mimepart_56f1bdfc16739_f763f91577992bc366683 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Yes, that seems like a good approach. And yes, CH needs to define how to parse and set the "client hints policy". Or at least some spec needs to before CH is implementable.


You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub

----==_mimepart_56f1bdfc16739_f763f91577992bc366683-- From nobody Tue Mar 22 17:50:58 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -4.942 X-Spam-Level: X-Spam-Status: No, score=-4.942 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Tue, 22 Mar 2016 17:50:47 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1458694247; bh=1RRRp1/p9iybxNjBVXNRh9Fv4gT/ObGk3CCnYzYr8Tc=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=fxkxoNyvKqwGSf9pVjmrT8Rp+qDi5nQ4bcyYdNGdTO11qTssp1GYswOPIW7q2VFsJ 1Y5DJttghbir3T2aF6gSpAxD0Xv2AxKCiu7xMr+PCFQUKCRQtyCs3xBudSu6V9QlF7 5xW/Z56+VRQiE2W2fVg3fZXiiKm+PQGduvHjLBZg= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Define more precisely which CH headers are sent by default (#156) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56f1e867a0e7e_7bd93fd1919e729c14233a0"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Mar 2016 00:50:57 -0000 ----==_mimepart_56f1e867a0e7e_7bd93fd1919e729c14233a0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit So, Fetch gets updated every time a new hint is defined? --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/156#issuecomment-200097319 ----==_mimepart_56f1e867a0e7e_7bd93fd1919e729c14233a0 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

So, Fetch gets updated every time a new hint is defined?


You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub

----==_mimepart_56f1e867a0e7e_7bd93fd1919e729c14233a0-- From nobody Tue Mar 22 18:01:47 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -4.961 X-Spam-Level: X-Spam-Status: No, score=-4.961 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Tue, 22 Mar 2016 18:01:35 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1458694895; bh=NVGp2o7m4L3CngFJ+7GcpmAwZ50J6XE5TLcPwBD6grE=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=WoO41yhX6rSEi/pOhVbVG4B/SIdbMD3PmHj/MuC8I9RFffdi7IoSmk4NfV3xgC5ny IAu4nB5srzXeESWL8qwRKzItd9WDd+F57hQeMlf0RVSK/7nFDtejN1oNtIYVkcGxuV e+Ju0wWR30eHNEFtZD7sSbk/Oy04WuIiJclmAL5U= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Define more precisely which CH headers are sent by default (#156) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56f1eaef4a831_625d3fa3684a52b81923b5"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Mar 2016 01:01:46 -0000 ----==_mimepart_56f1eaef4a831_625d3fa3684a52b81923b5 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Do we have an easy way of identifying them as hints so that it would be unnecessary to do that? --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/156#issuecomment-200099616 ----==_mimepart_56f1eaef4a831_625d3fa3684a52b81923b5 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Do we have an easy way of identifying them as hints so that it would be unnecessary to do that?


You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub

----==_mimepart_56f1eaef4a831_625d3fa3684a52b81923b5-- From nobody Tue Mar 22 19:41:13 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -4.942 X-Spam-Level: X-Spam-Status: No, score=-4.942 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Tue, 22 Mar 2016 19:41:09 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1458700869; bh=j2sdd1lWG8oBFTILAg6OH+Bkq/e42h25loH2Yp485Os=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=Ig8TWrwYo3T0UED7Bvz0e9v4hOmrFBWzJNt5Rxi4zZ/jY6/ctHer6esEDVjn3G4Rd E+KCK2BgMf+pzOccJd+ekzVH5FhL+wasGiLSt2SWQgxBQQVjSKp5/ThEVy2i3yftoU oSMkGmnTvrLGk+zHCwNWgl1GK46Wnsn1TbXB5KI8= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Define more precisely which CH headers are sent by default (#156) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56f20245dfba5_424d3fdf6db8329c8085f3"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Mar 2016 02:41:12 -0000 ----==_mimepart_56f20245dfba5_424d3fdf6db8329c8085f3 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit I think it's OK if every time we create a new hint, we update Fetch (based on the anticipated number / volume). --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/156#issuecomment-200140157 ----==_mimepart_56f20245dfba5_424d3fdf6db8329c8085f3 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

I think it's OK if every time we create a new hint, we update Fetch (based on the anticipated number / volume).


You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub

----==_mimepart_56f20245dfba5_424d3fdf6db8329c8085f3-- From nobody Tue Mar 22 21:13:38 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.909 X-Spam-Level: X-Spam-Status: No, score=-5.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_16=1.092, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Tue, 22 Mar 2016 21:13:32 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1458706412; bh=i468WZZhntsEzWBKSmihvT+N5OYxY6Jdj9gvY5nazIA=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=AAT9fv+IQCPNftlz6YtvhF91VMemX+0AAR2v8phgajHjSgenOy7mMOAmvfIm5KJSf VF6JXXjRPXmx2MKHxLQU8+vz65fokGJ6m3JGyfi89mryHSqMa8IWF5dEAB7+kQqCxY OK7F3luxok+GAaX4nKaJux6yH4hVLsdIV08rWUlk= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Define more precisely which CH headers are sent by default (#156) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56f217ecd3060_45c13fd814eed2bc14923a"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Mar 2016 04:13:36 -0000 ----==_mimepart_56f217ecd3060_45c13fd814eed2bc14923a Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit In which case, the remaining question is: @annevk are you comfortable (re, https://github.com/whatwg/fetch/pull/258) with integrating this as part of Fetch? I'm happy to draft the update. Alternatively, I guess I can try and monkey patch it from CH spec, but that's far less appealing.. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/156#issuecomment-200165644 ----==_mimepart_56f217ecd3060_45c13fd814eed2bc14923a Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

In which case, the remaining question is: @annevk are you comfortable (re, whatwg/fetch#258) with integrating this as part of Fetch? I'm happy to draft the update. Alternatively, I guess I can try and monkey patch it from CH spec, but that's far less appealing..


You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub

----==_mimepart_56f217ecd3060_45c13fd814eed2bc14923a-- From nobody Wed Mar 23 01:00:47 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.909 X-Spam-Level: X-Spam-Status: No, score=-5.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_16=1.092, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Wed, 23 Mar 2016 01:00:41 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1458720041; bh=B2EUM+71n62ZUvNFGPpBXUyyqw0bIZbQhrH5WQYhMqE=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=ob+Tg+2H6+NQPjYxEsxR02gXs8aZvUb6wFV2y+dqc48N+8N49bkHUETOBQfh1x/Xy lxfZOXSPIXQub0cv58YyzxmyBaFfjEWeWmimgvYu5nLKLJIE//bWPJp++94LHGeQvT Obqohl0toHiC4CT++9V/X5XmA/JanfuvDCzJuQFE= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [http-extensions] Define more precisely which CH headers are sent by default (#156) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56f24d29ac184_4a9e3f8aaf6772c0471cb"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Mar 2016 08:00:46 -0000 ----==_mimepart_56f24d29ac184_4a9e3f8aaf6772c0471cb Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Yeah, I am. It seems @hsivonen still has concerns with this entire feature, but if Mozilla will ship regardless (?) it sounds like that would be a good way to define all the edge cases here. Another way to do this would be to patch the HTML Standard to set these headers as appropriate. Though the HTML Standard, especially the navigate algorithm, still needs some work done so perhaps it's better to use Fetch (at least for now). --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/156#issuecomment-200236296 ----==_mimepart_56f24d29ac184_4a9e3f8aaf6772c0471cb Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Yeah, I am. It seems @hsivonen still has concerns with this entire feature, but if Mozilla will ship regardless (?) it sounds like that would be a good way to define all the edge cases here.

Another way to do this would be to patch the HTML Standard to set these headers as appropriate. Though the HTML Standard, especially the navigate algorithm, still needs some work done so perhaps it's better to use Fetch (at least for now).


You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub

----==_mimepart_56f24d29ac184_4a9e3f8aaf6772c0471cb-- From nobody Wed Mar 30 16:10:59 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -4.942 X-Spam-Level: X-Spam-Status: No, score=-4.942 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_12=2.059, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Wed, 30 Mar 2016 16:10:52 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1459379452; bh=mfUFMF/ZVDYh3Lcia8japKa324ze8euOlP0Rp9yukdI=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=AvVhZVXp16VCaoZxVcjyZSx6u8wKbLiIcb4LSjyEhSZh+sHKFTVYBTC2DVRihps7c FTwd/mpV5uezCeGgL/SXL1fn3ukdusz8wStqB/5ECKXGxfxhX9tB6gdT+TOGWkATUC vpiJUzysaIf4cpFs5vvh0YeSMVoDoBp+yApXXDxw= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [httpwg/http-extensions] Define more precisely which CH headers are sent by default (#156) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56fc5cfca3cc4_3f413fea8bb5d2bc559c1"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 30 Mar 2016 23:10:58 -0000 ----==_mimepart_56fc5cfca3cc4_3f413fea8bb5d2bc559c1 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit If anyone wants to follow along: https://github.com/whatwg/fetch/pull/258 -- initial run at integrating CH and Fetch. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/156#issuecomment-203677084 ----==_mimepart_56fc5cfca3cc4_3f413fea8bb5d2bc559c1 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

If anyone wants to follow along: whatwg/fetch#258 -- initial run at integrating CH and Fetch.


You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub

----==_mimepart_56fc5cfca3cc4_3f413fea8bb5d2bc559c1-- From nobody Wed Mar 30 17:41:44 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.383 X-Spam-Level: X-Spam-Status: No, score=-5.383 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_24=1.618, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Wed, 30 Mar 2016 17:41:35 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1459384896; bh=A2nKN+J/ikrKtS7kVH1YsQDNK9HFoc74whodIJIsx54=; h=From:Reply-To:To:Subject:List-ID:List-Archive:List-Post: List-Unsubscribe:From; b=bYaURFzh0oIUiBYGb/fS0Fmaznle//MRtci7WOjQ62f+2wjtrvIvQ7tsQQSvYwB7Z fqgT2e0hBfLbSFoVohMug3v8hrSB21KF1QVkf6HISyKcBvVDz9EbXbkYGdEZVZ15MG gInEti5Llu1Tl7sdw7pyK6SXxhMt5WJ2RSWdtugU= To: httpwg/http-extensions Subject: [httpwg/http-extensions] Julian's review (#164) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_56fc723feeaf8_6ad03f893bec92b82333d5"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 31 Mar 2016 00:41:42 -0000 ----==_mimepart_56fc723feeaf8_6ad03f893bec92b82333d5 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit I think that I caught everything in the first round of discussion. There aren't any substantial changes here, but it's a PR so that others can confirm. You can view, comment on, or merge this pull request online at: https://github.com/httpwg/http-extensions/pull/164 -- Commit Summary -- * DRY on active attacks * Expand TLS on first use * Avoid obvious normative language when repeating parts of other documents * More specific reference to authentication requirements * Remove extra comma * s/an/a * there is no and * Section reference added * Section link un-weirded * Restructuring section on confusion * Adding Julian to acks -- File Changes -- M draft-ietf-httpbis-http2-encryption.md (51) -- Patch Links -- https://github.com/httpwg/http-extensions/pull/164.patch https://github.com/httpwg/http-extensions/pull/164.diff --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/pull/164 ----==_mimepart_56fc723feeaf8_6ad03f893bec92b82333d5 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

I think that I caught everything in the first round of discussion. There aren't any substantial changes here, but it's a PR so that others can confirm.

You can view, comment on, or merge this pull request online at:

  https://github.com/httpwg/http-extensions/pull/164

Commit Summary

  • DRY on active attacks
  • Expand TLS on first use
  • Avoid obvious normative language when repeating parts of other documents
  • More specific reference to authentication requirements
  • Remove extra comma
  • s/an/a
  • there is no and
  • Section reference added
  • Section link un-weirded
  • Restructuring section on confusion
  • Adding Julian to acks

File Changes

Patch Links:


You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub

----==_mimepart_56fc723feeaf8_6ad03f893bec92b82333d5--