From nobody Thu Sep 1 04:53:29 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.382 X-Spam-Level: X-Spam-Status: No, score=-5.382 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_24=1.618, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Thu, 01 Sep 2016 04:51:51 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1472730711; bh=iGBuuv7l6dUkJmGzOpS60yhZUZ29ZsE/eYnjy730OPQ=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=H/KoFQxOyl91jO6cAtUu5pwdxunJ5Cn6UkEfJAx6+zyCQ/E+8MzNFGdXm3mDpA2HV rmnwLvWcqSvkSbVH+s+1yZ59LPxFPnGDNXYeLzXOZxko/d63RZPGKk9KR2KQvnXgzg bWqbXuhai0qcPYILKP8dlAB7bP6aLVCItEU5uXz8= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [httpwg/http-extensions] cookie-alone: add path-match restriction. (3f58813) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_57c8165789e43_2d7a3ff40f5512a01692d"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Sep 2016 11:53:27 -0000 ----==_mimepart_57c8165789e43_2d7a3ff40f5512a01692d Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit This patch broke the Travis build. `make cookie-alone` succeeds locally, and nothing in the diff jumps out at me as being particularly confusing for the various scripts. Looking into it. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/commit/3f58813b120dbedcf78d0df899b5a74e095fd068#commitcomment-18862488 ----==_mimepart_57c8165789e43_2d7a3ff40f5512a01692d Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable

This patch broke the Travis build. make cookie-alone succ= eeds locally, and nothing in the diff jumps out at me as being particular= ly confusing for the various scripts. Looking into it.

&m= dash;
You are receiving this because you are subscribed to this thre= ad.
Reply to this email directly, view it on GitHub, or mute the thread. 3D""

----==_mimepart_57c9aa52e52e9_68813ffa2d3fd2b81260dd-- From nobody Fri Sep 2 09:35:42 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.383 X-Spam-Level: X-Spam-Status: No, score=-5.383 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_24=1.618, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Fri, 02 Sep 2016 09:35:31 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1472834131; bh=RHLKm4AZdpCXW0ZIS0Sbnbtv9iowpNcs+d4+wSubWaw=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=apCrYtEweGwIsxSYxxyZQWPUGGpRjNFaNFvUDyT3XnlJV0P2m+djPjhO3wfMAsl2A cnj0I55N0aZptubIqW1yeYWdGWuElnqOj6SLxLYzy5WkA1CGMR0hdd5ey45b3DHQfe lVtHs3QrVw2XN+B0aAa9RML4zKsHYF0SPVvPd4Yg= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [httpwg/http-extensions] remove RFC 2616 dependencies (#115) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_57c9aa533cf9b_38c13fc0a77a92a095064"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Sep 2016 16:35:35 -0000 ----==_mimepart_57c9aa533cf9b_38c13fc0a77a92a095064 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Closed #115. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/115#event-776808869 ----==_mimepart_57c9aa533cf9b_38c13fc0a77a92a095064 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Closed #115.

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.

----==_mimepart_57c9aa533cf9b_38c13fc0a77a92a095064-- From nobody Fri Sep 2 09:35:57 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.455 X-Spam-Level: X-Spam-Status: No, score=-5.455 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_20=1.546, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Fri, 02 Sep 2016 09:35:53 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1472834153; bh=YLSDq5k6u0fvETHxU5S9UTEK3qOih0hOUDoMiuvmWKU=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=TYWQ4J51yGayc9OFqadxhCCV08VffEuVAlSgOAT47fRFIEPjyuDZLhroH4KXRDD3c KuL2I/EVek/AUAOm/qLjnAi8FvpF5NpLDbhxSj+kdZgqcIxCyYrmsbB921MZwUK2oR z/Wk53WLAsys6W6/g58SPoTlep0dwvJqGDwQvg2s= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [httpwg/http-extensions] update usage guidelines to current best practices (#116) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_57c9aa69b62b6_e243fcf33e8f2a0758e0"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Sep 2016 16:35:56 -0000 ----==_mimepart_57c9aa69b62b6_e243fcf33e8f2a0758e0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Fixed in draft 02. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/116#issuecomment-244425269 ----==_mimepart_57c9aa69b62b6_e243fcf33e8f2a0758e0 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Fixed in draft 02.

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.

----==_mimepart_57c9aa69b62b6_e243fcf33e8f2a0758e0-- From nobody Fri Sep 2 09:39:16 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.455 X-Spam-Level: X-Spam-Status: No, score=-5.455 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_20=1.546, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Fri, 02 Sep 2016 09:39:11 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1472834351; bh=oqjF5M2nfSxC975L11led1JG1IEqO3quRxaACDFmVVk=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=0XgRc+5S2Phk38wVVExbKTj1g/fSLM6oJjdBKaWImAjVCKS+yXoVOuIF0ltoX2iEg IEFrhudzdMLX+If04WJb3wfXbE+Oa7bQaxfXO7ugZO/JyFst7vk9qSkONYhhNx7O/I PK8C++pF9PlXrE3aNaG+r3XDuK9EtmbBWLH+TDWg= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [httpwg/http-extensions] Expand on motivation for the encoding (#213) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_57c9ab2f41502_96a3fcf33e8f2a01673cd"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Sep 2016 16:39:14 -0000 ----==_mimepart_57c9ab2f41502_96a3fcf33e8f2a01673cd Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit ...for new header fields? -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/213#issuecomment-244426048 ----==_mimepart_57c9ab2f41502_96a3fcf33e8f2a01673cd Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

...for new header fields?

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.

----==_mimepart_57c9ab2f41502_96a3fcf33e8f2a01673cd-- From nobody Fri Sep 2 09:46:04 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.383 X-Spam-Level: X-Spam-Status: No, score=-5.383 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_24=1.618, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Fri, 02 Sep 2016 09:46:00 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1472834760; bh=9e2oHQMSaGjdZKFrSRcfaWEsfiH9QkTWBDdO3nTcCqo=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=o3yH5wcb1bKLSaP7n+hcjO/xIhnU/gS2qFbhLKNYZc7CRPXWsVFTddkScChYm9GVo f+QNhMPa/1mW6EcJYcx6aNQB4tnic2yV8wrMgJFHnYlw6jKAIwvdBIpHv3hQLN8tOS BcLxtq4WXV/T//PkwRWqT8gf1Z+YAKQ50O3QHfaU= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [httpwg/http-extensions] Advice for new parameters / headers (#227) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_57c9acc8a5eb0_6b6f3fa364fdb2bc155315"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Sep 2016 16:46:03 -0000 ----==_mimepart_57c9acc8a5eb0_6b6f3fa364fdb2bc155315 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit I disagree with the proposed change; in particular for header fields that already use this syntax. We could make a recommendation for new header fields, but what you propose is yet another new format, so I just do not see the benefit over that we have right now. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/227#issuecomment-244427628 ----==_mimepart_57c9acc8a5eb0_6b6f3fa364fdb2bc155315 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable

I disagree with the proposed change; in particular for header fields t= hat already use this syntax.

We could make a recommendation for new header fields, but what you pro= pose is yet another new format, so I just do not see the benefit over tha= t we have right now.

&m= dash;
You are receiving this because you are subscribed to this thre= ad.
Reply to this email directly, view it on GitHub, or mute the thread.

= ----==_mimepart_57c9acc8a5eb0_6b6f3fa364fdb2bc155315-- From nobody Sun Sep 4 23:13:25 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.454 X-Spam-Level: X-Spam-Status: No, score=-5.454 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_20=1.546, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Sun, 04 Sep 2016 23:13:21 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1473056001; bh=kEs6+YV5qy6/GRA62OWFBtXYpzUkJtQP0f8BISATE0o=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=jwyLTHK7eC+FOKIv18f4D0rxgbp/lF/r1+ssDGHvynf3unGrm7Z/wEiZ4YiFm92oz jZCkmJ6xPv721apWFl0xscqThb9QPYcuR7i/rOQPvFIl5ulMX08YWR34claL3l/RXZ lZ/WiI3D+9/GM7s98WSSgfZpsBx1XSrTS2O4qzNQ= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [httpwg/http-extensions] Advice for new parameters / headers (#227) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_57cd0d017da9a_4af63fa4d56192c02575f7"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Sep 2016 06:13:24 -0000 ----==_mimepart_57cd0d017da9a_4af63fa4d56192c02575f7 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit We could give an example, e.g., percent-encoding over utf-8 (which is already specified elsewhere). -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/227#issuecomment-244665866 ----==_mimepart_57cd0d017da9a_4af63fa4d56192c02575f7 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

We could give an example, e.g., percent-encoding over utf-8 (which is already specified elsewhere).

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.

----==_mimepart_57cd0d017da9a_4af63fa4d56192c02575f7-- From nobody Sun Sep 4 23:52:41 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.596 X-Spam-Level: X-Spam-Status: No, score=-5.596 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_28=1.404, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Sun, 04 Sep 2016 23:52:37 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1473058357; bh=lk6STVY47PdJ3ytlgtZiUiiAeTmBtIXhbMHJeR66IGA=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=FulJ3w5PMkxppCphwTFKE0mnjSPvd/I9FsnSiiO/vusWXm9wdUP4kQkvaxVQnxoyz 0SmhvBnqct97XA2PmwNBhU31WStUiiPaevYLRGdDgyKAbTpAkCE0gWHvexf7ZPDBxA Rsjk9L50wBkOUMx3CzBtEzymKVrv572Re/r31UFQ= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [httpwg/http-extensions] Advice for new parameters / headers (#227) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_57cd1635d90d4_28cc3fdfb195d2bc869cc"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Sep 2016 06:52:40 -0000 ----==_mimepart_57cd1635d90d4_28cc3fdfb195d2bc869cc Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit A format that has a single mode *and* supports non-ASCII (over HTTP/1.1) will need an escape character (such as %). This is a new format (if we don't count the Slug header field in atompub). It also means that senders always will have to escape (so that "%" isn't ambiguous). Yes, we can specify that somewhere, but until we do so we can't recommend something like that. At the end of the day it's not clear to me at all whether yet another format improves the situation. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/227#issuecomment-244670759 ----==_mimepart_57cd1635d90d4_28cc3fdfb195d2bc869cc Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable

A format that has a single mode and supports non-ASCII (over = HTTP/1.1) will need an escape character (such as %). This is a new format= (if we don't count the Slug header field in atompub). It also means that= senders always will have to escape (so that "%" isn't ambiguous).

Yes, we can specify that somewhere, but until we do so we can't recomm= end something like that. At the end of the day it's not clear to me at al= l whether yet another format improves the situation.

&m= dash;
You are receiving this because you are subscribed to this thre= ad.
Reply to this email directly, view it on GitHub, or mute the thread.

= ----==_mimepart_57cd1635d90d4_28cc3fdfb195d2bc869cc-- From nobody Mon Sep 5 00:38:35 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -7 X-Spam-Level: X-Spam-Status: No, score=-7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Mon, 05 Sep 2016 00:38:31 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1473061111; bh=4/9+MAR8VCIkw5IXUJpyM5yizE5NYZmAk9R4UZcl4BE=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=nW+OXs7tp1PMRxwB0q0FQEtw17pQR4NjU+hhCNA+pWehLdZozgKPMRA/HN3ePSCOz eLmCehoIiAt4yfL6q+GI7OcbMEqQUCF9ibDODhrPNQGHvzPiIyn7B3YpfDNHAtqDCf ebG0Jnr44EUSfShZ8N8hi+Qme/7eS2FUu0w7E9Yc= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [httpwg/http-extensions] httpbis-cookie-alone breaks backwards compat (#223) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_57cd20f7992f4_79b63fa796c112b8316395"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Sep 2016 07:38:34 -0000 ----==_mimepart_57cd20f7992f4_79b63fa796c112b8316395 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit > If I had to deal with that scenario, I'd probably just focus more on HSTS instead to avoid those cookie related headaches. Doesn't that seem like a good outcome? > Mike, you said yourself that you feel like path-level distinctions in cookies was a historical mistake, The fact that I consider path-level distinctions for cookies to be a mistake (and I do) doesn't mean that I can pretend they don't exist. I'm doing my best to work within the constraints they create to incrementally raise the platform's baseline. *shrug* > so wouldn't opt-in mechanisms (HSTS, Cookie-Attributes, Suborigins, etc) be better long-term than allowing the cookie path-match algorithm to further dictate how servers organize content? Yes. When we can create opt-in mechanisms that allow sites to lock themselves down further than we can lock down the platform at large, we should. However, relying strictly upon those mechanisms is unlikely to produce actual change in the ecosystem. For instance, despite fairly broad outreach and understanding, something like ~4% of the cookies Chrome users set in the last month have the `Secure` attribute. ~7% have `HttpOnly`. I think it's pretty clear that, in an ideal world, those numbers would be an order of magnitude higher. It seems unlikely than an opt-in approach would buy us much in terms of protection, especially when the opt-in is fairly complicated, as `Cookie-Attributes` would be. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/223#issuecomment-244678287 ----==_mimepart_57cd20f7992f4_79b63fa796c112b8316395 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable

If I had to deal with that scenario, I'd probably just focus more on H= STS instead to avoid those cookie related headaches.

Doesn't that seem like a good outcome?

Mike, you said yourself that you feel like path-level distinctions in = cookies was a historical mistake,

The fact that I consider path-level distinctions for cookies to be a m= istake (and I do) doesn't mean that I can pretend they don't exist. I'm d= oing my best to work within the constraints they create to incrementally = raise the platform's baseline. shrug

so wouldn't opt-in mechanisms (HSTS, Cookie-Attributes, Suborigins, et= c) be better long-term than allowing the cookie path-match algorithm to f= urther dictate how servers organize content?

Yes. When we can create opt-in mechanisms that allow sites to lock the= mselves down further than we can lock down the platform at large, we shou= ld.

However, relying strictly upon those mechanisms is unlikely to produce= actual change in the ecosystem. For instance, despite fairly broad outre= ach and understanding, something like ~4% of the cookies Chrome users set= in the last month have the Secure attribute. ~7% have HttpOnly. I think it's pretty clear that, in an ideal world, thos= e numbers would be an order of magnitude higher.

It seems unlikely than an opt-in approach would buy us much in terms o= f protection, especially when the opt-in is fairly complicated, as = Cookie-Attributes would be.

&m= dash;
You are receiving this because you are subscribed to this thre= ad.
Reply to this email directly, view it on GitHub, or mute the thread.

= ----==_mimepart_57cd20f7992f4_79b63fa796c112b8316395-- From nobody Wed Sep 7 13:45:01 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.596 X-Spam-Level: X-Spam-Status: No, score=-5.596 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_28=1.404, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Wed, 07 Sep 2016 13:44:55 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1473281095; bh=A1HuvIxhlLAX5RX9LbXnjnUhlb2NTInCYpGk4xhe+RY=; h=From:Reply-To:To:Subject:List-ID:List-Archive:List-Post: List-Unsubscribe:From; b=eP3SAord26bWpsCEhozveIO7HAnddpSFASbcSwRQr28f8sZEATTXhh0M4eQLmt2KN BzOFx16f2dd48BmaCgPQcVZsoh673ao4NpGzsSk63n1dUR9G2S/AR/uGv5J8hcdGeg RiRubSI/UnV7L4Tt8yFQhu/Sk5rGEdU4AXL3A7xU= To: httpwg/http-extensions Subject: [httpwg/http-extensions] remove tls-commit (#236) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_57d07c47bfa57_2d9c3fa6dda452b8683fc"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 Sep 2016 20:45:00 -0000 ----==_mimepart_57d07c47bfa57_2d9c3fa6dda452b8683fc Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit 3] get rid of tls-commit (i.e. the latch to opp sec) as this plays very poorly with alt-svc. The notion of alt-svc has always been that it is a shortcut route (or dns name if your prefer) for the same content as supplied at the default origin. If for any reason you cannot get there, you can always go back to the default origin. All of the machinery around this (validating alternates, etc) can happen transparently and asynchronously in the background until they are ready to be used. A mechanism that requires a characteristic of a route (auth'd TLS) but not the route itself doesn't play well - its far too easy to brick your site for an extended period of time and really ceases to be opportunistic in any meaningful sense. If you're up to managing this, then you're probably up to the fight of running https:// and using HSTS which at least has the benefit of not bringing a whole second technology (alt-svc) into play. [there is further discussion on list] -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/236 ----==_mimepart_57d07c47bfa57_2d9c3fa6dda452b8683fc Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

3] get rid of tls-commit (i.e. the latch to opp sec) as this plays very poorly with alt-svc. The notion of alt-svc has always been that it is a shortcut route (or dns name if your prefer) for the same content as supplied at the default origin. If for any reason you cannot get there, you can always go back to the default origin. All of the machinery around this (validating alternates, etc) can happen transparently and asynchronously in the background until they are ready to be used. A mechanism that requires a characteristic of a route (auth'd TLS) but not the route itself doesn't play well - its far too easy to brick your site for an extended period of time and really ceases to be opportunistic in any meaningful sense. If you're up to managing this, then you're probably up to the fight of running https:// and using HSTS which at least has the benefit of not bringing a whole second technology (alt-svc) into play.

[there is further discussion on list]

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.

----==_mimepart_57d07c47bfa57_2d9c3fa6dda452b8683fc-- From nobody Thu Sep 8 02:37:22 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.595 X-Spam-Level: X-Spam-Status: No, score=-5.595 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_28=1.404, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_SORBS_SPAM=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Thu, 08 Sep 2016 02:37:16 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1473327436; bh=wKGsdlHDMkCHj2yb7aIhFvNOf1enTWqgOgS2RV7cr8o=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=FqqMIw6zX+APouqtHZqnVhIaWSaKIgyC9pV35yiNusC10ILGFWfM2Y8j2Ff8gn5uJ g1A7IN9vr+lq6cj3djElDBdL8ZF0pHgszj7RRA0l22d+nYrUyCUukpu2t1ZS5k9Sfo qwHPKffTf2CWtUqMbFxP4RKVtXfM6kmGG+QP3Ke4= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [httpwg/http-extensions] httpbis-cookie-alone breaks backwards compat (#223) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_57d1314c20122_19d53f88b7b6f2b8220362"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 Sep 2016 09:37:20 -0000 ----==_mimepart_57d1314c20122_19d53f88b7b6f2b8220362 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit With the -01 draft published, and Chrome updated (in https://github.com/dstockwell/chromium/commit/2c857fb16cdef9783ba3caeb586b9a3648114b17), I think it's reasonable to close this out. We can continue the discussion of the other proposed paths forward (`Cookie-Attributes`, etc) on the list. Thanks again for your feedback, @dvdckl! -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/223#issuecomment-245545626 ----==_mimepart_57d1314c20122_19d53f88b7b6f2b8220362 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable

With the -01 draft published, and Chrome updated (in dstockwell/chromium@2c857fb),= I think it's reasonable to close this out. We can continue the discussio= n of the other proposed paths forward (Cookie-Attributes, et= c) on the list.

Thanks again for your feedback, @dvdckl!

&m= dash;
You are receiving this because you are subscribed to this thre= ad.
Reply to this email directly, view it on GitHub, or mute the thread.

= ----==_mimepart_57d1314c20122_19d53f88b7b6f2b8220362-- From nobody Thu Sep 8 02:37:24 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.381 X-Spam-Level: X-Spam-Status: No, score=-5.381 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_24=1.618, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_SORBS_SPAM=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Thu, 08 Sep 2016 02:37:16 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1473327436; bh=TUhTKuA/murLG0fTt2Uba6y9LQm8eg297fXEffHCWvk=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=qBDllL3hbHIKYKfUtmWg+PFWk3JVmom+01XgNAzisuq5VGb3qGERGJfXrKstWyaay 4x0PoeSj/KhWqa35tdqkZvAgKoaSxTTv0kLbb+THGyi4J6BRkywFlDuULdHFBD3AQM 2UfB8dBnG/6CyD3tuSHGMR0XkqJeU6mg8L8wpPIs= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [httpwg/http-extensions] httpbis-cookie-alone breaks backwards compat (#223) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_57d1314c372c7_4b1a3fe25ab9d29c14760f"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 Sep 2016 09:37:20 -0000 ----==_mimepart_57d1314c372c7_4b1a3fe25ab9d29c14760f Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Closed #223. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/223#event-782126496 ----==_mimepart_57d1314c372c7_4b1a3fe25ab9d29c14760f Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Closed #223.

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.

----==_mimepart_57d1314c372c7_4b1a3fe25ab9d29c14760f-- From nobody Tue Sep 27 06:11:43 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.096 X-Spam-Level: X-Spam-Status: No, score=-5.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_28=1.404, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_SORBS_SPAM=0.5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Tue, 27 Sep 2016 06:11:35 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1474981896; bh=hbWTjFtz4KLlMjHjIvBhVl5VvLjFUojt2i2xKOXme0A=; h=From:Reply-To:To:Subject:List-ID:List-Archive:List-Post: List-Unsubscribe:From; b=c+//c0pRhrl2Y18GPdXKex9Qwvi1VKWGO3msTMpmCFSFpcJ1WJcvtrkD7jVp913DV MsbR5c9xYINLbKvnNxmFCnEUEvNfEQ1baU+MVAka5zNoxqzoM5eskbmfluWkd5qT09 iJTxpxcvvqLbWwRqurN3o+LM4dKBVuVm4HiyGdUs= To: httpwg/http-extensions Subject: [httpwg/http-extensions] type the artwork (#237) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_57ea7007f1f21_21c3fb64c71329c547818"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Sep 2016 13:11:41 -0000 ----==_mimepart_57ea7007f1f21_21c3fb64c71329c547818 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit You can view, comment on, or merge this pull request online at: https://github.com/httpwg/http-extensions/pull/237 -- Commit Summary -- * type the artwork -- File Changes -- M draft-ietf-httpbis-encryption-encoding.md (2) -- Patch Links -- https://github.com/httpwg/http-extensions/pull/237.patch https://github.com/httpwg/http-extensions/pull/237.diff -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/pull/237 ----==_mimepart_57ea7007f1f21_21c3fb64c71329c547818 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

You can view, comment on, or merge this pull request online at:

https://github.com/httpwg/http-extensions/pull/237

Commit Summary

type the artwork

File Changes

M draft-ietf-httpbis-encryption-encoding.md (2)

Patch Links:

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.

----==_mimepart_57ea7007f1f21_21c3fb64c71329c547818-- From nobody Tue Sep 27 19:57:17 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.455 X-Spam-Level: X-Spam-Status: No, score=-5.455 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_20=1.546, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Tue, 27 Sep 2016 19:57:12 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1475031432; bh=wIiljzDf/eLRHwtUeyxj6VvqusIAKW9pPUtXAXvDtdc=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=RX9zWKyegSjdG2Xvu4XWM9BNg4FX+NmMRfqz5+luXJf6OfagUkfyvktqIYwadB62A llK80GIfrA4lwDnSH2SqjGPC6TISGEf6xGXtVpERVBK+RVpZ0GnVnckDSmUINy3Wzg GFUBmIEbWKGXANuRS726IkBGXzKJ3UNBJ1rm8qTQ= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [httpwg/http-extensions] require tls auth (#234) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_57eb3188c9b8_78c93ffcfb1bf2a01136b5"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Sep 2016 02:57:15 -0000 ----==_mimepart_57eb3188c9b8_78c93ffcfb1bf2a01136b5 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Question: is the intent to retain the requirement that the alternative service be on the same host? -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/234#issuecomment-250059156 ----==_mimepart_57eb3188c9b8_78c93ffcfb1bf2a01136b5 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Question: is the intent to retain the requirement that the alternative service be on the same host?

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.

----==_mimepart_57eb3188c9b8_78c93ffcfb1bf2a01136b5-- From nobody Tue Sep 27 21:49:21 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -7 X-Spam-Level: X-Spam-Status: No, score=-7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Tue, 27 Sep 2016 21:49:14 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1475038154; bh=XWUardlqPWDgcURCoLPX6ZA1HyHyMcJGtRVkSzdNIHE=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=pnX+HZkdPvaValJlHLTaoJt8LSkQ7XvzLAT7ku8PLYB61Q7tDccQKUeJS2KOLqvwU PU9QDELI5P9gbKGD/YAEvFn5QK34UbYz5aVoxWP1RWNsCTuoViVXI5ZRFpM8dD0HRc qdPaPRtRxMRyOa8RmnZi/7vDX+Z5s3ajGharDI9k= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [httpwg/http-extensions] Digest algorithm (#228) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_57eb4bca7a601_ac13fd6e66392bc14309f"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Sep 2016 04:49:21 -0000 ----==_mimepart_57eb4bca7a601_ac13fd6e66392bc14309f Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit xxHash seems good, but see https://github.com/Cyan4973/xxHash/issues/49. Likewise, the other ones mentioned there are also defined by their source. I think our options are: 1. Specify one of these as a normative reference and hope we can get that through the process (not likely) 2. Write the spec for one of these (ouch) 3. Wait for someone else to write the spec for one of these (may be some time) 4. Continue using a specified algorithm. I'm kind of leaning towards (4), possibly leaving extensibility for other hash algorithms (although, as discussed before, it's not clear how we'd negotiate for that; maybe #22 could help). Thoughts? -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/228#issuecomment-250070867 ----==_mimepart_57eb4bca7a601_ac13fd6e66392bc14309f Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable

xxHash seems good, but see Cyan4973/xxHash#49.

Likewise, the other ones mentioned there are also defined by their sou= rce.

I think our options are:

Specify one of these as a normative reference and hope we can get tha= t through the process (not likely)
Write the spec for one of these (ouch)
Wait for someone else to write the spec for one of these (may be some= time)
Continue using a specified algorithm.

I'm kind of leaning towards (4), possibly leaving extensibility for ot= her hash algorithms (although, as discussed before, it's not clear how we= 'd negotiate for that; maybe #22 could help).

Thoughts?

&m= dash;
You are receiving this because you are subscribed to this thre= ad.
Reply to this email directly, view it on GitHub, or mute the thread.

= ----==_mimepart_57eb4bca7a601_ac13fd6e66392bc14309f-- From nobody Tue Sep 27 23:27:14 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.382 X-Spam-Level: X-Spam-Status: No, score=-5.382 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_24=1.618, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Tue, 27 Sep 2016 23:27:10 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1475044030; bh=xTRb1AGX0pelG0Z8+IfauVbspOHHCCG83LPXbT6tAes=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=WoJz1JRGwHTPbfJbzQMH+4FQlU2gjxDLCVBV7KAq/CYJ6N0qfIb/MAoTSLK0rqKD2 LwGVUkclmLTowLVzVVu/da/oNGm0Yrdjfxm04U/jqJIzKU4NBnIWH4tzV7sQr4ChXz CQssasJSQLBcoENTdXC2Vvu6LR/m9hSqF8CMttgI= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [httpwg/http-extensions] security considerations regarding tracking (#215) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_57eb62bebf007_1a3a3fc348e8529c321872"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Sep 2016 06:27:13 -0000 ----==_mimepart_57eb62bebf007_1a3a3fc348e8529c321872 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit I tend to agree with Roy -- this is the difference between "active" and "passive" fingerprinting. See: https://w3c.github.io/fingerprinting-guidance/ -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/215#issuecomment-250082689 ----==_mimepart_57eb62bebf007_1a3a3fc348e8529c321872 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

I tend to agree with Roy -- this is the difference between "active" and "passive" fingerprinting. See: https://w3c.github.io/fingerprinting-guidance/

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.

----==_mimepart_57eb62bebf007_1a3a3fc348e8529c321872-- From nobody Tue Sep 27 23:42:15 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.096 X-Spam-Level: X-Spam-Status: No, score=-5.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_28=1.404, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_SORBS_SPAM=0.5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Tue, 27 Sep 2016 23:42:11 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1475044931; bh=IRzXLNiAwC8eF+3wE5m5wpGvMtJxPTlirE99YccJPM0=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=1V0CcVh1W4YwbDCd07v+g4bsqUFo2NfCnHV1Z2E1d6MtgMHY4RKeju+68lWDFYAdf jyj8VbKI1iHu4YqLzif9zMTX7idwf6msXL3c3zf2kYziLE3wbSKqfsES9RQjZNpiSN 4eLJvSiTwYc21XPjnk5tLZfcK6GAyPzuGWVfR1Eo= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [httpwg/http-extensions] Digest algorithm (#228) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_57eb66432c413_42443fa7d51ff2b81455b4"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Sep 2016 06:42:14 -0000 ----==_mimepart_57eb66432c413_42443fa7d51ff2b81455b4 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Don't know what the relevance of #22 is. I would say that this seems like a good basis for 2: https://github.com/aappleby/smhasher/wiki/MurmurHash3 These are necessarily very simple programs to specify. A draft shouldn't be hard to write if that's necessary. Of course, I'm lazy just like you. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/228#issuecomment-250084836 ----==_mimepart_57eb66432c413_42443fa7d51ff2b81455b4 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable

Don't know what the relevance of #22 is.

I would say that this seems like a good basis for 2: https://github.com/aappl= eby/smhasher/wiki/MurmurHash3 These are necessarily very simple prog= rams to specify. A draft shouldn't be hard to write if that's necessary.= Of course, I'm lazy just like you.

&m= dash;
You are receiving this because you are subscribed to this thre= ad.
Reply to this email directly, view it on GitHub, or mute the thread.

= ----==_mimepart_57eb66432c413_42443fa7d51ff2b81455b4-- From nobody Tue Sep 27 23:44:31 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.382 X-Spam-Level: X-Spam-Status: No, score=-5.382 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_24=1.618, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Tue, 27 Sep 2016 23:44:27 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1475045067; bh=DISRZJNN/tdueOqKxcuObI1N6EJTKoSM6vzflOETpYQ=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=0QQjHE/+Xjk5oT5seV3CbZ7E6TwNjQGOReAQYFGvkxAJ70kjqkKFGS13mrYWSDZCX 7/d3Ja/qbB1wtjsTpMk+lXw4rt+97xQEbwwWrvuM/M3WMzHv/jj4fIrv9g00AlULv4 upTqoLDBtfAXO7+jzDfBrBN1mL/vYaaTAi8wrnHo= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [httpwg/http-extensions] Digest algorithm (#228) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_57eb66cbe5bf3_1e993fa6d24352c0749041"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Sep 2016 06:44:31 -0000 ----==_mimepart_57eb66cbe5bf3_1e993fa6d24352c0749041 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Sorry, #229. I take it you're volunteering, then... -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/228#issuecomment-250085146 ----==_mimepart_57eb66cbe5bf3_1e993fa6d24352c0749041 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Sorry, #229.

I take it you're volunteering, then...

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.

----==_mimepart_57eb66cbe5bf3_1e993fa6d24352c0749041-- From nobody Tue Sep 27 23:58:25 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.382 X-Spam-Level: X-Spam-Status: No, score=-5.382 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_24=1.618, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Tue, 27 Sep 2016 23:58:21 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1475045901; bh=ey7o+epIKUvRBru1Fvf2Q6fvPzHfwrjrjO9HQLti3Ug=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=B6i/zW0BSrmGIMEy/5bVoIReqASmVn9WtqPo1Bh5tjyNUELStAwY1RAwZ3Mnhc6SK tn8gAkcsW3kSEST3TE6EorcQ5b2YcoFvBCmhU9XGHzR53lTbK+v7iYB5essWbmFfBd qm88NnLB7en4GYAGd/1l22cZ/XRA4cZhnoUmKzCA= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [httpwg/http-extensions] Terminology in draft-ietf-httpbis-encryption-encoding (#217) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_57eb6a0d6619d_468e3fd5b588f2a079a6"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Sep 2016 06:58:24 -0000 ----==_mimepart_57eb6a0d6619d_468e3fd5b588f2a079a6 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Closed #217 via e6ba12a69a836c6c41e72045b35ee66670f41a8f. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/217#event-804998898 ----==_mimepart_57eb6a0d6619d_468e3fd5b588f2a079a6 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Closed #217 via e6ba12a.

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.

----==_mimepart_57eb6a0d6619d_468e3fd5b588f2a079a6-- From nobody Tue Sep 27 23:58:44 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -4.883 X-Spam-Level: X-Spam-Status: No, score=-4.883 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_24=1.618, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_SORBS_SPAM=0.5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Tue, 27 Sep 2016 23:58:39 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1475045919; bh=priLkj/ACVOstFrv/hmliVlthJAtNXIE3Y90hYDERcM=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=2euSOUK03p9Ktl8sKN0Va96eN2DeDbX5wMo7Ab/7jRYeKkXi43CtSD652I730jmR6 UxqIrZvXV0UkyeEq38v0ZJE44f+n19nNuDZ04zccKY2AcEDYOFob2neDTvdMV3/VuU aXQyekAWDpvledOzusxrw4Mxph78F+Q5WEgBkpH8= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [httpwg/http-extensions] Remove DH (#218) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_57eb6a1f235e7_2d523f9d645092b85669c"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Sep 2016 06:58:43 -0000 ----==_mimepart_57eb6a1f235e7_2d523f9d645092b85669c Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Closed #218. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/pull/218#event-804999169 ----==_mimepart_57eb6a1f235e7_2d523f9d645092b85669c Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Closed #218.

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.

----==_mimepart_57eb6a1f235e7_2d523f9d645092b85669c-- From nobody Wed Sep 28 00:02:30 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -4.954 X-Spam-Level: X-Spam-Status: No, score=-4.954 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_20=1.546, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_SORBS_SPAM=0.5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Wed, 28 Sep 2016 00:02:25 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1475046145; bh=T+Isdc96J+HrKmDO35DXwN2T2SM+XP7I6y8YokSAXCo=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=1eWMdS41H6IHEHRExJ50XIofkWZn1+T4c2xhUz/8DJb1MSgIg6GZK9dP3XoX+OaVZ +cFGdjyuo/KIDx63Kp2f86rCjbhTmjosvGIzWw26oIYu8E+JErfIv7OF9SMFU8/DZp Ut7m8ysA2mdSChsSTdbFjOaVryBcv4+RK6XrGxAI= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [httpwg/http-extensions] Digest algorithm (#228) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_57eb6b0152bba_410a3fd7358cf2c090595"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Sep 2016 07:02:28 -0000 ----==_mimepart_57eb6b0152bba_410a3fd7358cf2c090595 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit "Internet-Draft seeks editor, must like long walks on the beach, sunsets and have poor impulse control." -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/228#issuecomment-250087947 ----==_mimepart_57eb6b0152bba_410a3fd7358cf2c090595 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

"Internet-Draft seeks editor, must like long walks on the beach, sunsets and have poor impulse control."

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.

----==_mimepart_57eb6b0152bba_410a3fd7358cf2c090595-- From nobody Wed Sep 28 00:07:02 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -4.955 X-Spam-Level: X-Spam-Status: No, score=-4.955 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_20=1.546, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_SORBS_SPAM=0.5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Wed, 28 Sep 2016 00:06:57 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1475046417; bh=XhSTYVRMvmt9SlJeJ9GuHRm6sOomji1YtEzWf4cck48=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=o5V+zXcc6YtEkDU2oC/dDZJ75yXFvpDfjATIL8AUXdDjAG6o6TQspH+W0617YXr5m yuX5Kzi8pMkFKwBI2nXH31fwNXePKlElPosIY/1RGUgBJeQChpLopJKSVcFnrnm5Og db+8+vjbufH7I2m+NnFj7eKhrO6cHW0Syzl1v7fg= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [httpwg/http-extensions] Making tls-commit and tls-ports mutually exclusive (#207) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_57eb6c11a31f5_2fe7f3fdad68a52a01012d0"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Sep 2016 07:07:00 -0000 ----==_mimepart_57eb6c11a31f5_2fe7f3fdad68a52a01012d0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Ah, sorry - forgot to look at the pulls. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/pull/207#issuecomment-250088729 ----==_mimepart_57eb6c11a31f5_2fe7f3fdad68a52a01012d0 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Ah, sorry - forgot to look at the pulls.

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.

----==_mimepart_57eb6c11a31f5_2fe7f3fdad68a52a01012d0-- From nobody Wed Sep 28 05:40:09 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.382 X-Spam-Level: X-Spam-Status: No, score=-5.382 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_24=1.618, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Wed, 28 Sep 2016 05:39:47 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1475066387; bh=cdI9J4aXBVNrhFm5k/NxKnjzSfoNmhWKub2OJwd4p0E=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=lcUs9NVa9Nx0/a8U1TO4z8Ahd4WkSWPKUGrXFi8SphffzT+1AwHIg3Cladda0yOgQ PUG844p9PkDwsrtoci3xTjfRmnHWVcqILj1Pw00vdCGTMHC77us0DyIHwA50UIJi3+ XGBhgHJMgvNRk1dXsGttFLz6BIQYNb6pOcmKmC10= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [httpwg/http-extensions] require tls auth (#234) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_57ebba13bf0bf_72f33ffd970772c07547f"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Sep 2016 12:40:08 -0000 ----==_mimepart_57ebba13bf0bf_72f33ffd970772c07547f Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit @mnot [_Question: is the intent to retain the requirement that the alternative service be on the same host?_] no such requirement now that we have auth and .wk -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/234#issuecomment-250154839 ----==_mimepart_57ebba13bf0bf_72f33ffd970772c07547f Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

@mnot [Question: is the intent to retain the requirement that the alternative service be on the same host?]

no such requirement now that we have auth and .wk

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.

----==_mimepart_57ebba13bf0bf_72f33ffd970772c07547f-- From nobody Thu Sep 29 17:25:19 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.382 X-Spam-Level: X-Spam-Status: No, score=-5.382 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_24=1.618, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Thu, 29 Sep 2016 17:25:14 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1475195114; bh=kuLuzjOqO+smuEpmKecx6MvU2ArioTKRWTXhsFg4WeQ=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=aHNoesu1d6sCvNgLLRDJl24MsPoZNls5DGPalUw993k70GDmk13IuU/BhWsqPs7Fy bXyZCWwdphEn13hnxjZi5RlnP1cWWejcTGDkKUhAWR1f5V9FqcuAbfDa2pjl8bOQk3 vscHB3/2cjFS1NUK+cDkz7f4zBSiD+KtWWzdrmW8= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [httpwg/http-extensions] Specify how origin frames interact with Altsvc (#214) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_57edb0ea1cc8f_4d7e3f931d1eb2bc24122b"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 Sep 2016 00:25:17 -0000 ----==_mimepart_57edb0ea1cc8f_4d7e3f931d1eb2bc24122b Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Ah. What you get in an alternate service is "below" what happens at the "origin" layer -- it isn't a new origin. I'll try to clarify, thanks. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/214#issuecomment-250628837 ----==_mimepart_57edb0ea1cc8f_4d7e3f931d1eb2bc24122b Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit

Ah. What you get in an alternate service is "below" what happens at the "origin" layer -- it isn't a new origin. I'll try to clarify, thanks.

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.

----==_mimepart_57edb0ea1cc8f_4d7e3f931d1eb2bc24122b-- From nobody Fri Sep 30 14:11:19 2016 Delivered-To: http-issues@ietfa.amsl.com X-Spam-Flag: NO X-Spam-Score: -5.383 X-Spam-Level: X-Spam-Status: No, score=-5.383 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_24=1.618, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com Date: Fri, 30 Sep 2016 14:11:15 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1475269875; bh=+hC8ev4IeNgbl3BrMSUdjIjAQcIrhG4xn/K1I1tZTXI=; h=From:Reply-To:To:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=rLQPJ+j6dIYlKMlS3lUDYW0duoEnpZnFQk0A82502qcV4vKNmB0h5Za0kh67dv5ih j6I7X/xNJI8OJ77DMnfn5gpF7k/4AfUmSk9Dj0QsroWDrD9JxbWclCLzi/yn8agjGQ ivkmLRx+0U50t7W/85ZwrmNObIp9wGhWdz2qLD0c= To: httpwg/http-extensions In-Reply-To: References: Subject: Re: [httpwg/http-extensions] security considerations regarding tracking (#215) Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="--==_mimepart_57eed4f33f4ff_37e63f99a799d2b874617"; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: list Archived-At: Message-ID: From: HTTP issue updates X-BeenThere: http-issues@ietf.org X-Mailman-Version: 2.1.17 Reply-To: http-issues@ietf.org List-Id: HTTP issue updates List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 Sep 2016 21:11:18 -0000 ----==_mimepart_57eed4f33f4ff_37e63f99a799d2b874617 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit @royfielding @mnot thanks, great feedback. Took a run at incorporating what you've outlined: https://github.com/httpwg/http-extensions/commit/2ba199856ae926284fe868de7c257009f01fe3b8 - how does that look? -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/httpwg/http-extensions/issues/215#issuecomment-250853259 ----==_mimepart_57eed4f33f4ff_37e63f99a799d2b874617 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable

@roy= fielding @= mnot thanks, great feedback. Took a run at incorporating what you've = outlined: 2ba1998<= /tt> - how does that look?

&m= dash; You are receiving this because you are subscribed to this thre= ad. Reply to this email directly, view it on GitHub, or mute the thread.= = ----==_mimepart_57eed4f33f4ff_37e63f99a799d2b874617--