IETF Logo Mail Archive

[certid] wrt -tls-server-id-check "profileability"

=JeffH <Jeff.Hodges@KingsMountain.com> Tue, 13 July 2010 20:49 UTC

Return-Path: <Jeff.Hodges@KingsMountain.com>
X-Original-To: certid@core3.amsl.com
Delivered-To: certid@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id DB8BF3A67D7 for <certid@core3.amsl.com>; Tue, 13 Jul 2010 13:49:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.077
X-Spam-Level:
X-Spam-Status: No, score=-1.077 tagged_above=-999 required=5 tests=[AWL=1.188, BAYES_00=-2.599, IP_NOT_FRIENDLY=0.334]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id b4sXbaMEtMcP for <certid@core3.amsl.com>; Tue, 13 Jul 2010 13:49:11 -0700 (PDT)
Received: from cpoproxy2-pub.bluehost.com (cpoproxy2-pub.bluehost.com [67.222.39.38]) by core3.amsl.com (Postfix) with SMTP id F00F73A6831 for <certid@ietf.org>; Tue, 13 Jul 2010 13:49:10 -0700 (PDT)
Received: (qmail 11624 invoked by uid 0); 13 Jul 2010 20:49:20 -0000
Received: from unknown (HELO box514.bluehost.com) (74.220.219.114) by cpoproxy2.bluehost.com with SMTP; 13 Jul 2010 20:49:20 -0000
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=kingsmountain.com; h=Received:Message-ID:Date:From:User-Agent:MIME-Version:To:Subject:Content-Type:Content-Transfer-Encoding:X-Identified-User; b=5vhL1SdDgXmABrV3tGm2Et42yNu9VoMcu5ZDo17FQxmKVmUirBysfvbDxHmnSLnKULIdM57vgbAXSWeW+QkcHec5QarrNFWu1dcw4k05qGfpBzIjcE7I7y38Vq6yzK05;
Received: from c-24-4-122-173.hsd1.ca.comcast.net ([24.4.122.173] helo=[192.168.11.10]) by box514.bluehost.com with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.69) (envelope-from <Jeff.Hodges@KingsMountain.com>) id 1OYmPn-0006Dh-LB for certid@ietf.org; Tue, 13 Jul 2010 14:49:19 -0600
Message-ID: <4C3CD14D.2010705@KingsMountain.com>
Date: Tue, 13 Jul 2010 13:49:17 -0700
From: =JeffH <Jeff.Hodges@KingsMountain.com>
User-Agent: Thunderbird 2.0.0.24 (X11/20100411)
MIME-Version: 1.0
To: IETF cert-based identity <certid@ietf.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Identified-User: {11025:box514.bluehost.com:kingsmou:kingsmountain.com} {sentby:smtp auth 24.4.122.173 authed with jeff.hodges+kingsmountain.com}
Subject: [certid] wrt -tls-server-id-check "profileability"
X-BeenThere: certid@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Representation and verification of identity in certificates <certid.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/certid>, <mailto:certid-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/certid>
List-Post: <mailto:certid@ietf.org>
List-Help: <mailto:certid-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/certid>, <mailto:certid-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Jul 2010 20:49:12 -0000

StPeter indicates that -tls-server-id-check is "profileable". E.g. 
draft-ietf-xmpp-3920bis explicitly profiles -tls-server-id-check in its section 
"13.7.1.2. Server Certificates"..

<http://tools.ietf.org/html/draft-ietf-xmpp-3920bis-10#section-13.7.1.2>

..although we don't make it explicitly clear (it seems to me/peter) in 
-tls-server-id-check that it is indeed profileable, nor how to go about 
profiling it.


So is it the case that at this time we're regarding _all_ the stuff in section 
1.2.2 to be the degrees of profileability freedom?

=JeffH

v2.8.7 | Report a Bug | By Email