Align opp-sec and alt-svc #33
Comments
|
Yeah, I think that this did cross that line. The first suggestion is fine, and we probably need to identify what is actually used to authenticate the server identity (which is not TLS :). The second suggestion I'd like to respond to, but won't go into detail here because the list is more appropriate (and I'm very tired right now). We have discussed this sort of signal before. Mark's original draft proposed a very similar feature in a different form. |
|
Marked "design" for the second part. Eric, in the future please open separate issues. |
|
Discussed in Honolulu; can flip to editorial. |
|
I looked at https://github.com/httpwg/wg-materials/blob/gh-pages/ietf91/minutes.md#alt-svc; not sure what the concrete proposal here is. Just apply the first part of Eric's proposed change? |
|
For alt-svc, yes. |
|
removing alt-svc label because that change has been applied |
|
Is there anything that needs to change in OppSec here? |
|
Closing. |
After a re-read of alt-svc and opp-sec, it may make sense to have some better alignment between the two docs around the cases where authentication is not employed. In particular, alt-svc indicates:
Replacing "is in use" with "is used to authenticate" would align that text better with opp-sec.
On the opp-sec side:
is very unclear for a server implementer (as well as clients). If authentication doesn't succeed, should the client fail-back to clear-text (the origin) or hard fail?
One possibility (which may start getting outside of the editorial realm) is for an Alt-Svc parameter indicating that authentication will not be present (either via an unauthenticated cipher suite or a mismatching cert). This would allow clients to choose to ignore the Alt-Svc rather than following it (and erroring or needing to fall-back). For example: