[websec] HSTS ABNF still broken: requires leading semi-colon[websec] HSTS ABNF still broken: requires leading semi-colon
=JeffH
2012-03-23
websec
/arch/msg/websec/oWkJ_Btu_OS9fxxhN3Amgap6meE
1504543
1665262
Re: [websec] WG Last Call on draft-ietf-websec-strict-transport-sec-06 until April-9Re: [websec] WG Last Call on draft-ietf-websec-strict-transport-sec-06 until April-9
Paul Hoffman
2012-03-21
websec
/arch/msg/websec/CrSR3IR1pBjL1ny8Pzlr2Bv7oiw
1504542
1665264
Re: [websec] WG Last Call on draft-ietf-websec-strict-transport-sec-06 until April-9Re: [websec] WG Last Call on draft-ietf-websec-strict-transport-sec-06 until April-9
Paul Hoffman
2012-03-21
websec
/arch/msg/websec/OJxpPH0egPnNBujvuB0lxxte_A4
1504541
1665264
Re: [websec] WG Last Call on draft-ietf-websec-strict-transport-sec-06 until April-9Re: [websec] WG Last Call on draft-ietf-websec-strict-transport-sec-06 until April-9
Yoav Nir
2012-03-21
websec
/arch/msg/websec/3Tt8Fm0e8rcfoGl3Dssa6zzZnd0
1504540
1665264
Re: [websec] WG Last Call on draft-ietf-websec-strict-transport-sec-06 until April-9Re: [websec] WG Last Call on draft-ietf-websec-strict-transport-sec-06 until April-9
Paul Hoffman
2012-03-21
websec
/arch/msg/websec/yzJ5W2YVQ_5V4v2KF_rUvrdpBUQ
1504539
1665264
Re: [websec] WG Last Call on draft-ietf-websec-strict-transport-sec-06 until April-9Re: [websec] WG Last Call on draft-ietf-websec-strict-transport-sec-06 until April-9
Julian Reschke
2012-03-20
websec
/arch/msg/websec/SCycXBpMFjGl7EkFpk0X3qL4Wc0
1504538
1665264
Re: [websec] WG Last Call on draft-ietf-websec-strict-transport-sec-06 until April-9Re: [websec] WG Last Call on draft-ietf-websec-strict-transport-sec-06 until April-9
SM
2012-03-20
websec
/arch/msg/websec/t9ZCDTUxgTwwvx9EFEclw23SBfU
1504537
1665264
Re: [websec] WG Last Call on draft-ietf-websec-strict-transport-sec-06 until April-9Re: [websec] WG Last Call on draft-ietf-websec-strict-transport-sec-06 until April-9
Alexey Melnikov
2012-03-19
websec
/arch/msg/websec/yIA38WgJPMsXCVsiV5WFSzaMqV0
1504536
1665264
Re: [websec] WG Last Call on draft-ietf-websec-strict-transport-sec-06 until April-9Re: [websec] WG Last Call on draft-ietf-websec-strict-transport-sec-06 until April-9
Tobias Gondrom
2012-03-19
websec
/arch/msg/websec/evmP9AxiXlwrEFqyjfYx2Dg7PXs
1504535
1665264
Re: [websec] WG Last Call on draft-ietf-websec-strict-transport-sec-06 until April-9Re: [websec] WG Last Call on draft-ietf-websec-strict-transport-sec-06 until April-9
Marsh Ray
2012-03-19
websec
/arch/msg/websec/3249-2G2xGQFc-96Rk1BZyy-sYA
1504534
1665264
Re: [websec] WG Last Call on draft-ietf-websec-strict-transport-sec-06 until April-9Re: [websec] WG Last Call on draft-ietf-websec-strict-transport-sec-06 until April-9
Julian Reschke
2012-03-19
websec
/arch/msg/websec/hD4vgZ7qfAmQa9SKapLaZneYRF4
1504533
1665264
[websec] websec meeting in Paris - agenda topics?[websec] websec meeting in Paris - agenda topics?
Tobias Gondrom
2012-03-19
websec
/arch/msg/websec/3RwlRhfQGmkHbySspe07TGqCaOs
1504532
1665263
[websec] WG Last Call on draft-ietf-websec-strict-transport-sec-06 until April-9[websec] WG Last Call on draft-ietf-websec-strict-transport-sec-06 until April-9
Tobias Gondrom
2012-03-18
websec
/arch/msg/websec/pAx2Nc4wdq-wTCYxHUrZf8zWzYU
1504531
1665264
[websec] HSTS ABNF still broken: requires leading semi-colon[websec] HSTS ABNF still broken: requires leading semi-colon
Manger, James H
2012-03-13
websec
/arch/msg/websec/m5hffVo6mwuQho10jNHVvxfmt1o
1504530
1665291
Re: [websec] WG Last Call for -strict-transport-sec-05 - COMMENTSRe: [websec] WG Last Call for -strict-transport-sec-05 - COMMENTS
=JeffH
2012-03-13
websec
/arch/msg/websec/5ZxF9s3gVSMvE3JUlgfgFGs93zs
1504529
1665265
[websec] I-D Action: draft-ietf-websec-strict-transport-sec-06.txt[websec] I-D Action: draft-ietf-websec-strict-transport-sec-06.txt
internet-drafts
2012-03-12
websec
/arch/msg/websec/iGKTg23B9qFk0p3HT2m0aDnADek
1504528
1665266
[websec] #38: HSTS : Editorial Comments[websec] #38: HSTS : Editorial Comments
websec issue tracker
2012-03-12
websec
/arch/msg/websec/2P3NTqXyZW8FgMKNEOUMnYWBq-o
1504527
1665267
Re: [websec] WG Last Call for -strict-transport-sec-05 - COMMENTSRe: [websec] WG Last Call for -strict-transport-sec-05 - COMMENTS
=JeffH
2012-03-12
websec
/arch/msg/websec/ZI16t9Yd38TOw0l_6haFyx-9Nao
1504526
1665265
Re: [websec] new rev: draft-ietf-websec-strict-transport-sec-05Re: [websec] new rev: draft-ietf-websec-strict-transport-sec-05
Tobias Gondrom
2012-03-11
websec
/arch/msg/websec/1plK2h5OVDUKFIrZKZhUbXrUA2I
1504525
1665271
[websec] #37: Clarify that superdomain HSTS flag does not update max-age of subdomain's HSTS max-age and vice versa[websec] #37: Clarify that superdomain HSTS flag does not update max-age of subdomain's HSTS max-age and vice versa
websec issue tracker
2012-03-11
websec
/arch/msg/websec/H3_Jpqk2gjYh_nahfgBc1eoYD9E
1504524
1665268
Re: [websec] WG Last Call for -strict-transport-sec-05 - COMMENTSRe: [websec] WG Last Call for -strict-transport-sec-05 - COMMENTS
Tobias Gondrom
2012-03-11
websec
/arch/msg/websec/NMkHGgXdrnBzQqljZcw5ugak26A
1504523
1665270
Re: [websec] STS ABNF, was: new rev: draft-ietf-websec-strict-transport-sec-04Re: [websec] STS ABNF, was: new rev: draft-ietf-websec-strict-transport-sec-04
Julian Reschke
2012-03-10
websec
/arch/msg/websec/I3wn-RCrCfkcyB6fbIVqtLAmZqE
1504522
1665250
Re: [websec] #10: note that end-entity certs can be dristrib'd to http clients ?Re: [websec] #10: note that end-entity certs can be dristrib'd to http clients ?
websec issue tracker
2012-03-09
websec
/arch/msg/websec/jY0wCMGcG3e4Kpn1V1VWMJOcLXk
1504521
1665397
Re: [websec] #11: failing insecure connections and user recourseRe: [websec] #11: failing insecure connections and user recourse
websec issue tracker
2012-03-09
websec
/arch/msg/websec/2EXE6rh9xXnglLcSkOsnLgB5hjI
1504520
1665393
Re: [websec] #12: Remove dependencies on HTTPbis and depend on RFC2616 onlyRe: [websec] #12: Remove dependencies on HTTPbis and depend on RFC2616 only
websec issue tracker
2012-03-09
websec
/arch/msg/websec/cFHE3GitN1yZbczKpJgi1KYX1sU
1504519
1665390
Re: [websec] #13: clarify that max-age=0 will cause UA to forget a known HSTS hostRe: [websec] #13: clarify that max-age=0 will cause UA to forget a known HSTS host
websec issue tracker
2012-03-09
websec
/arch/msg/websec/RruxOWsSZQyTotydT5vqqRx-to8
1504518
1665269
Re: [websec] #14: Effective Request URI definition issuesRe: [websec] #14: Effective Request URI definition issues
websec issue tracker
2012-03-09
websec
/arch/msg/websec/tu8_WwSxuo72Hpi7OJNeWkdyqsU
1504517
1665369
Re: [websec] #27: HSTS header ABNF is a hybrid of RFC2616 and httpbis and is overly complex and brokenRe: [websec] #27: HSTS header ABNF is a hybrid of RFC2616 and httpbis and is overly complex and broken
websec issue tracker
2012-03-09
websec
/arch/msg/websec/RUdw_-BUEAIKDww6VSuFdmveWnI
1504516
1665324
Re: [websec] #28: HSTS spec unclear about the denotation of "HSTS policy"Re: [websec] #28: HSTS spec unclear about the denotation of "HSTS policy"
websec issue tracker
2012-03-09
websec
/arch/msg/websec/KlicQM8Q9XoZML2i4bpszuV463E
1504515
1665323
Re: [websec] #29: HSTS: dismbiguate "mixed content" term & provide referenceRe: [websec] #29: HSTS: dismbiguate "mixed content" term & provide reference
websec issue tracker
2012-03-09
websec
/arch/msg/websec/se69wKt43FifAOzZVprUnqLqtAU
1504514
1665322
Re: [websec] #30: HSTS: add an informational reference to RFC 4732: Denial-of-Service ConsiderationsRe: [websec] #30: HSTS: add an informational reference to RFC 4732: Denial-of-Service Considerations
websec issue tracker
2012-03-09
websec
/arch/msg/websec/gPYmMmUtqScwpVe_aLBmYHQgKq8
1504513
1665321
Re: [websec] #31: HSTS: mention case insesitivity in prose for "max-age" and "includeSubDomains"Re: [websec] #31: HSTS: mention case insesitivity in prose for "max-age" and "includeSubDomains"
websec issue tracker
2012-03-09
websec
/arch/msg/websec/FVgKi85G_IxEexz_i-yK5K4MP1M
1504512
1665320
Re: [websec] #32: HSTS: explain some practical implications of includeSubDomains directiveRe: [websec] #32: HSTS: explain some practical implications of includeSubDomains directive
websec issue tracker
2012-03-09
websec
/arch/msg/websec/e5_Li29RWp3UeLCCVuRjtcbAJyw
1504511
1665294
Re: [websec] #33: HSTS: quoted-string grammar in (extension) directives ?Re: [websec] #33: HSTS: quoted-string grammar in (extension) directives ?
websec issue tracker
2012-03-09
websec
/arch/msg/websec/w5OZrnYZ0r0MJTW6oac63EjX1M0
1504510
1665291
Re: [websec] #34: HSTS cache manipulation and misuse by server enabled by wildcard certRe: [websec] #34: HSTS cache manipulation and misuse by server enabled by wildcard cert
websec issue tracker
2012-03-09
websec
/arch/msg/websec/tn34b4rtBaY99mOzsgmgPGw2Ti8
1504509
1665285
Re: [websec] #35: HSTS spec could be more clear about UA behavior behind proxiesRe: [websec] #35: HSTS spec could be more clear about UA behavior behind proxies
websec issue tracker
2012-03-09
websec
/arch/msg/websec/4-NqI4iVCsibNYhvsH65zxA-L8I
1504508
1665281
Re: [websec] #36: HSTS: fixup referencesRe: [websec] #36: HSTS: fixup references
websec issue tracker
2012-03-09
websec
/arch/msg/websec/hDuNIy2AQzvkB5WJeFDmjFjp__E
1504507
1665280
Re: [websec] #26: reference IDNA2008 as well as IDNA2003Re: [websec] #26: reference IDNA2008 as well as IDNA2003
websec issue tracker
2012-03-09
websec
/arch/msg/websec/TjkQy12l-t9_sxfjkFLyAb6QBnk
1504506
1665325
[websec] WG Last Call for -strict-transport-sec-05 ?[websec] WG Last Call for -strict-transport-sec-05 ?
=JeffH
2012-03-09
websec
/arch/msg/websec/jU7RV3HJaMFgyLMya6-pTn-LEM0
1504505
1665270
Re: [websec] #9: explicitly note revocation check failures as errors causing connection termination?Re: [websec] #9: explicitly note revocation check failures as errors causing connection termination?
websec issue tracker
2012-03-09
websec
/arch/msg/websec/D0lSfH5vjkZT2yEb3iDxPd146HY
1504504
1665398
2399 Messages