IETF Logo Mail Archive

Re: [Acme] [Errata Held for Document Update] RFC8555 (6843)

Seo Suchan <tjtncks@gmail.com> Sun, 14 January 2024 11:15 UTC

Return-Path: <tjtncks@gmail.com>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 71C1DC14F6F1 for <acme@ietfa.amsl.com>; Sun, 14 Jan 2024 03:15:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.602
X-Spam-Level:
X-Spam-Status: No, score=-1.602 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hy4YUUwlztlI for <acme@ietfa.amsl.com>; Sun, 14 Jan 2024 03:15:45 -0800 (PST)
Received: from mail-oi1-x229.google.com (mail-oi1-x229.google.com [IPv6:2607:f8b0:4864:20::229]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A5F70C14F6F0 for <acme@ietf.org>; Sun, 14 Jan 2024 03:15:45 -0800 (PST)
Received: by mail-oi1-x229.google.com with SMTP id 5614622812f47-3bd6ef33227so591958b6e.0 for <acme@ietf.org>; Sun, 14 Jan 2024 03:15:45 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1705230944; x=1705835744; darn=ietf.org; h=content-transfer-encoding:mime-version:message-id:references :in-reply-to:user-agent:subject:to:from:date:from:to:cc:subject:date :message-id:reply-to; bh=ET+tLxd4wDUYO1HBEeSTbVfs/kYJRMouh8JN+QMi7vQ=; b=niZ1O8YKvi5hbYK9PozsLQZwFCYZ7hRIKCIIDDlH+si67P7goBAqGXeVYwFQjq98Hj 9TQrux/icTWuOkocuTMENeXHyO85TJYvNKIqZi2Nb2AdHXk9QuLY2KWTPznuwxI1eVQi cs4UBWQbJhp8AjEWbHhteIWOyEvsEEXpHPV5mu/2uqaI61iGe2UXrafY7zCYk6pELyhy SLVfQYWEmX2/IPHs956vqqNgwctp/PGSh+gpG3r+EqElYWbxeTGdkI+8TYjqNoPLKnL3 736/M6CbhCxPwubMSLUdu0kXqVduaOzk4zanv+oIzRS4rNyLLT+BBtLCvD+pTQpCY/mf 1zCg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1705230944; x=1705835744; h=content-transfer-encoding:mime-version:message-id:references :in-reply-to:user-agent:subject:to:from:date:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=ET+tLxd4wDUYO1HBEeSTbVfs/kYJRMouh8JN+QMi7vQ=; b=fMcwdglXiyzJVEVdy1R0a1xGYFYX6ekSRvIAsgQqmlIMHLmWkSu8HCFE5VhXVqlDx7 reMuNoHTisRpPsXGyREkyBX+/hona26cPwCCTeTsfT0h4euKHpK9uI1V71hDFBhweG1L +ub2qxBcfDp/XoVSJYWfZer6KhJswmskxG8jNkLd4snfr6qbpLtYKCrMA4cfa8+HubZU 5E9Dq9p4ey+v1h7+U38Scj6ONwHDt8O2c/irqiLxLXW2ICfJWm3p1NPRVfCRxaK+4ES1 vR1K8piBHP/15SWJRB/C0N/v2DChERtnJGgI11LPgc4AAdjdYWEYGBk540116Vu7U26z vtGA==
X-Gm-Message-State: AOJu0Ywgf7aqG5lo5O4hXRMmBe+UvVHDXAKCA+f7VKTdTP878JXy7x/c WlJEQfuynU3n7URfL2BcPWVjR/jvHcE=
X-Google-Smtp-Source: AGHT+IEwk3plOdeVT8Fjj1qo9B3A48NtfDUX8jZ+8xE7+25oDueBC/VcMQeB0w8FLuyG22cTWGscSg==
X-Received: by 2002:a05:6808:13cc:b0:3bb:d757:2535 with SMTP id d12-20020a05680813cc00b003bbd7572535mr4799977oiw.54.1705230944279; Sun, 14 Jan 2024 03:15:44 -0800 (PST)
Received: from ?IPv6:::1? ([2406:5900:1038:12bf:f479:c9c8:c445:fd3f]) by smtp.gmail.com with ESMTPSA id a4-20020aa780c4000000b006d9abaf83ebsm5873855pfn.164.2024.01.14.03.15.43 for <acme@ietf.org> (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sun, 14 Jan 2024 03:15:43 -0800 (PST)
Date: Sun, 14 Jan 2024 20:15:39 +0900
From: Seo Suchan <tjtncks@gmail.com>
To: acme@ietf.org
User-Agent: K-9 Mail for Android
In-Reply-To: <CAGgd1Oc2=yXQvw+0sLZ+q5FKeg8N7_jxC-MdjaV9pjsmCNaEow@mail.gmail.com>
References: <CAChr6SypX6PN_00OQUzRbtyXeQYsuVeZeRjg9Xosk8uRTkzr2Q@mail.gmail.com> <CAEmnErfE=-HMKkf4MHUfYCLam0baWA+QnAA7tg_tREtPFvRhdQ@mail.gmail.com> <CAChr6SzGo-4RZ0TwfqcJhy4FzL53LmsWHpe9EmN5eN_GDhdLzw@mail.gmail.com> <CAOG=JU+YFE826M7aW_KJRXNw639QjvVgH4WryPJ++Xq+BGS+Uw@mail.gmail.com> <CAChr6Syg80PWYDBDA872gyUkPoVKWvr2zsRmOUs16mGawQPa6g@mail.gmail.com> <CAGgd1Oc2=yXQvw+0sLZ+q5FKeg8N7_jxC-MdjaV9pjsmCNaEow@mail.gmail.com>
Message-ID: <FB32F73C-0248-41EA-9E77-2DC6BD8429FF@gmail.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----NUVWRROMW283TR6BV4R5772POFJG0Z"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/KsSOkf6Hc7um3KuCelYz1Gu5IuE>
Subject: Re: [Acme] [Errata Held for Document Update] RFC8555 (6843)
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 14 Jan 2024 11:15:49 -0000

Google bought the gTLD of .dev and .app and set HSTS on tld level.

On 2024년 1월 14일 오후 8시 1분 4초 GMT+09:00, Deb Cooley <debcooley1@gmail.com> 작성함:
>I had this marked as 'hold for update' (vs. 'verified').  I can't tell from
>the discussion how you think we should be handling it.
>
>I'm also not sure why .dev domains are being discussed.  How are .dev
>domains obtaining test certificates (because one should not be issuing
>operational certificates, right?).
>
>Deb
>
>On Thu, Jan 11, 2024 at 10:21 PM Rob Sayre <sayrer@gmail.com> wrote:
>
>> On Thu, Jan 11, 2024 at 7:15 PM Amir Omidi <amir@aaomidi.com> wrote:
>>
>>> There is nothing blocking .dev domains responding over http. To be
>>> specific, a TLD can not block a protocol like that.
>>>
>>
>> Right, but one should not expect to get a redirect response. The server
>> shouldn't answer (many of them do, which is a bug). I filed the bug on iOS
>> for this one. They did fix it in short order. :)
>>
>> thanks,
>> Rob
>>
>> _______________________________________________
>> Acme mailing list
>> Acme@ietf.org
>> https://www.ietf.org/mailman/listinfo/acme
>>

v2.23.0 | Report a Bug | By Email