Re: [apps-discuss] For consideration as an appsawg document: draft-hoffman-server-has-tls-03.txt

Barry Leiba <> Tue, 25 January 2011 02:32 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id E4A7F3A6B58 for <>; Mon, 24 Jan 2011 18:32:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -102.811
X-Spam-Status: No, score=-102.811 tagged_above=-999 required=5 tests=[AWL=0.166, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id h35gGi+ShqBn for <>; Mon, 24 Jan 2011 18:32:26 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id E4F633A6B54 for <>; Mon, 24 Jan 2011 18:32:25 -0800 (PST)
Received: by iwn40 with SMTP id 40so5126992iwn.31 for <>; Mon, 24 Jan 2011 18:35:22 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=gamma; h=domainkey-signature:mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=4kUKKHPO/j6VzYlwYWBXEzeGvQItqJnhruXa6nTNVFs=; b=lCItrWr6cfH/HxhFpgZmsf4pc9voSy2T/m2FEZ7zFvX80t8vrSXTskNXUw9/6W/CGv cV4gY7bR3MSoS/O6SDSYk0uWqM9GANA2TUytlxMMJZnuMALjoxj8qPo0n/4ITUrX3CXT l50uafqhZPnxPSX31YF7vKC3SERK60UMsCqHQ=
DomainKey-Signature: a=rsa-sha1; c=nofws;; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; b=tQnt5eyJbYlKSSWdxEDAwQ1wvITRp8xApMBhyURpyVOdV7+dmI0Ajx1bUsEW1CgiEt qkHRW9CO61qF0T5/Tvu7neL1pZ8/ietIb6Pqw6jyYoiFlGA4wdJEure2iD35OoxyuTJ+ YyeVtWouxoKsztJ7367v5ePLuzVzHLoEiWpqE=
MIME-Version: 1.0
Received: by with SMTP id jg5mr5825523icb.353.1295922922098; Mon, 24 Jan 2011 18:35:22 -0800 (PST)
Received: by with HTTP; Mon, 24 Jan 2011 18:35:22 -0800 (PST)
In-Reply-To: <>
References: <>
Date: Mon, 24 Jan 2011 21:35:22 -0500
X-Google-Sender-Auth: E6ujY7Dig3VOP_d3-LpJIn6qPc4
Message-ID: <>
From: Barry Leiba <>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
Cc: Paul Hoffman <>
Subject: Re: [apps-discuss] For consideration as an appsawg document: draft-hoffman-server-has-tls-03.txt
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: General discussion of application-layer protocols <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 25 Jan 2011 02:32:27 -0000

Jiankang, Alexey, and I have discussed this, and we think the document
(see below) is appropriate for the appsawg to adopt, review, and
discuss.  I would like to hear, as soon as possible and in any case by
4 Feb, any objections to adoption of the document by appsawg.  I am
also asking participants here to please review the document and begin
discussion on this mailing list.

Barry, as appsawg chair

On Sun, Jan 16, 2011 at 9:41 PM, Paul Hoffman <> wrote:
> Greetings again. I would like this WG to consider adopting the following
> draft as a WG item. It is definitely apps-related, and there is no other
> appropriate WG in the Applications or Security areas for it. It has been
> discussed in the websec WG, but that WG is limited to HTTP only (and this
> document covers TLS for all application protocols).
> FWIW, some of the topics in this draft are quite open for active discussion.
> The discussion in websec brought up some interesting issues, but they got
> discussed in the HTTP context only, and this WG would be a better place to
> discuss them for all server protocols.
> --Paul Hoffman
> A New Internet-Draft is available from the on-line Internet-Drafts
> directories.
>        Title           : Specifying That a Server Supports TLS
>        Author(s)       : P. Hoffman
>        Filename        : draft-hoffman-server-has-tls-03.txt
>        Pages           : 8
>        Date            : 2011-01-16
> A server that hosts applications that can be run with or without TLS
> may want to communicate with clients whether the server is hosting an
> application only using TLS or also hosting the application without
> TLS.  Many clients have a policy to try to set up a TLS session but
> fall back to insecure if the TLS session cannot be set up.  If the
> server can securely communicate whether or not it can fall back to
> insecure tells such a client whether or not they should even try to
> set up an insecure session with the server.  This document describes
> the use cases for this type of communication and a secure method for
> communicating that information.
> A URL for this Internet-Draft is:
> _______________________________________________