Re: [certid] Fwd: RFC 6125 on TLS Server ID Check
=JeffH <Jeff.Hodges@KingsMountain.com> Thu, 31 March 2011 13:56 UTC
Return-Path: <Jeff.Hodges@KingsMountain.com>
X-Original-To: certid@core3.amsl.com
Delivered-To: certid@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 475BC3A6B10 for <certid@core3.amsl.com>; Thu, 31 Mar 2011 06:56:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -100.628
X-Spam-Level:
X-Spam-Status: No, score=-100.628 tagged_above=-999 required=5 tests=[AWL=1.037, BAYES_00=-2.599, IP_NOT_FRIENDLY=0.334, J_CHICKENPOX_22=0.6, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 21Yx5VMNof+9 for <certid@core3.amsl.com>; Thu, 31 Mar 2011 06:56:21 -0700 (PDT)
Received: from cpoproxy2-pub.bluehost.com (cpoproxy2-pub.bluehost.com [67.222.39.38]) by core3.amsl.com (Postfix) with SMTP id 4B8433A6B0E for <certid@ietf.org>; Thu, 31 Mar 2011 06:56:21 -0700 (PDT)
Received: (qmail 2583 invoked by uid 0); 31 Mar 2011 13:58:01 -0000
Received: from unknown (HELO box514.bluehost.com) (74.220.219.114) by cpoproxy2.bluehost.com with SMTP; 31 Mar 2011 13:58:00 -0000
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=kingsmountain.com; h=Received:Message-ID:Date:From:User-Agent:MIME-Version:To:Subject:Content-Type:Content-Transfer-Encoding:X-Identified-User; b=WxsTERnEFk0xZ/VaKcWzvjhCuX0e3kG7UygkID5J/9+BRMCHe54sW9jDBDXFhyem4FLmEbNO8JNAWi0zikpqoRbeBiLnDzzbqsbTCal0NAGL4BegMipPB2JxUsNygJHi;
Received: from dhcp-5359.meeting.ietf.org ([130.129.83.89]) by box514.bluehost.com with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.69) (envelope-from <Jeff.Hodges@KingsMountain.com>) id 1Q5INs-0005Ad-Gs for certid@ietf.org; Thu, 31 Mar 2011 07:58:00 -0600
Message-ID: <4D948866.6080203@KingsMountain.com>
Date: Thu, 31 Mar 2011 06:57:58 -0700
From: =JeffH <Jeff.Hodges@KingsMountain.com>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.14) Gecko/20110223 Thunderbird/3.1.8
MIME-Version: 1.0
To: IETF cert-based identity <certid@ietf.org>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Identified-User: {11025:box514.bluehost.com:kingsmou:kingsmountain.com} {sentby:smtp auth 130.129.83.89 authed with jeff.hodges+kingsmountain.com}
Subject: Re: [certid] Fwd: RFC 6125 on TLS Server ID Check
X-BeenThere: certid@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Representation and verification of identity in certificates <certid.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/certid>, <mailto:certid-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/certid>
List-Post: <mailto:certid@ietf.org>
List-Help: <mailto:certid-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/certid>, <mailto:certid-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 31 Mar 2011 13:56:22 -0000
>> Title: Representation and Verification of Domain-Based >> Application Service Identity within Internet Public >> Key Infrastructure Using X.509 (PKIX) Certificates >> in the Context of > > tl;dr. by which PeterG sez he means.. "too long; didn't read." lol, indeed. Please note, tho.. 1. yes, we overlooked having a short subtitle eg "TLS Server ID Check". mea culpa. ( 2. the title is verbose in part to facilitate maximizing hits when folks are searching/grep'g thru the RFC Index 3. the spec itself is (too) long due to PKIX/X.509 baroqueness and the variety of manners in which various protocols have decided to employ it. Nature of the beast and all. But now the spec is done and all this folklore is finally written down in one place (hopefully rather than being re-invented over & over in individual protocol specs), and we can go pay attention to newer, hopefully more simple stuff (famous last words) e.g. DANE. Thanks again for everyone's help in reviewing and contributing to 6125. By my count we have 58 or so ack'd contributors. thanks again, =JeffH