IETF Logo Mail Archive

Re: [certid] review of draft-saintandre-tls-server-id-check-09

Matt McCutchen <matt@mattmccutchen.net> Fri, 24 September 2010 05:14 UTC

Return-Path: <matt@mattmccutchen.net>
X-Original-To: certid@core3.amsl.com
Delivered-To: certid@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 428D13A6AA2 for <certid@core3.amsl.com>; Thu, 23 Sep 2010 22:14:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.582
X-Spam-Level:
X-Spam-Status: No, score=-2.582 tagged_above=-999 required=5 tests=[AWL=0.017, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zyUp4VXGffwN for <certid@core3.amsl.com>; Thu, 23 Sep 2010 22:14:23 -0700 (PDT)
Received: from homiemail-a60.g.dreamhost.com (caiajhbdccac.dreamhost.com [208.97.132.202]) by core3.amsl.com (Postfix) with ESMTP id 780CB3A6A3F for <certid@ietf.org>; Thu, 23 Sep 2010 22:13:55 -0700 (PDT)
Received: from homiemail-a60.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a60.g.dreamhost.com (Postfix) with ESMTP id 582FD3BC065; Thu, 23 Sep 2010 22:14:05 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; c=nofws; d=mattmccutchen.net; h=subject:from :to:cc:in-reply-to:references:content-type:date:message-id :mime-version:content-transfer-encoding; q=dns; s= mattmccutchen.net; b=mVVDc6BHOA1UfePTF7YlqEbeQu389w3B2mJa5MdUVRf ZjKV0i4VatPBuqr8A3aVURgygtoF8VgduRt7el2fI7nnHG6jndnxORUZYMXnfTaR 9NXv4SyRdO3wSIBAq3EN9GoV+qa/paqDe9VzF0RvNUkkSXPKnC7YA+zTh2h49PYE =
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=mattmccutchen.net; h= subject:from:to:cc:in-reply-to:references:content-type:date :message-id:mime-version:content-transfer-encoding; s= mattmccutchen.net; bh=mSt3y2ql6iXJBpffdPnPb13e1Ik=; b=H8yh6s6eQe DKqT/o0mPSxlyqqXR0C7EkqhF0rI6jphY1OFBFsOtcuYGq3Q5WPJrS421HNNSLoP wW9TVAjboGiDR1W1YP0pireaMWV85MTguMGrFkphqPMoo6z1XLDQgimSC/ZmHX/M sio8AtDoRs+zRMA9Kxm9VkNAoCX8zPd4w=
Received: from [129.2.249.209] (ml2.student.umd.edu [129.2.249.209]) (Authenticated sender: matt@mattmccutchen.net) by homiemail-a60.g.dreamhost.com (Postfix) with ESMTPA id F21AF3BC063; Thu, 23 Sep 2010 22:14:04 -0700 (PDT)
From: Matt McCutchen <matt@mattmccutchen.net>
To: mrex@sap.com
In-Reply-To: <201009230148.o8N1m825020375@fs4113.wdf.sap.corp>
References: <201009230148.o8N1m825020375@fs4113.wdf.sap.corp>
Content-Type: text/plain; charset="UTF-8"
Date: Fri, 24 Sep 2010 01:14:04 -0400
Message-ID: <1285305244.1939.353.camel@mattlaptop2.local>
Mime-Version: 1.0
X-Mailer: Evolution 2.30.4
Content-Transfer-Encoding: 7bit
Cc: certid@ietf.org
Subject: Re: [certid] review of draft-saintandre-tls-server-id-check-09
X-BeenThere: certid@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Representation and verification of identity in certificates <certid.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/certid>, <mailto:certid-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/certid>
List-Post: <mailto:certid@ietf.org>
List-Help: <mailto:certid-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/certid>, <mailto:certid-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 24 Sep 2010 05:14:28 -0000

On Thu, 2010-09-23 at 03:48 +0200, Martin Rex wrote:
> Henry B. Hotz wrote:
> > 
> > [...] For example the user may trust a dedicated discovery service
> > or identity service that securely redirects requests from the source
> > to a target domain.  
> 
> Thinking about it, I feel slightly uneasy about some redirects, such as
> https://gmail.com  -> 301 ->  https://mail.google.com/mail

The point from the draft was about a service that maps source domains to
target domains.  A HTTP redirect is different: it is an instruction to
restart the process with a new source domain.

-- 
Matt

v2.8.7 | Report a Bug | By Email