Re: [dispatch] [RAI] MSRP Expert Review of draft-pd-dispatch-msrp-websocket-04

Iñaki Baz Castillo <ibc@aliax.net> Wed, 29 January 2014 18:18 UTC

MIME-Version: 1.0
In-Reply-To: <1E320318-64CE-4F8B-AB76-8C4A5244379A@cisco.com>
References: <45B84D8F-AD8C-4B28-90DF-9B1C40771104@nostrum.com> <6833E320-7B45-4FC2-853B-62311DCF7E7B@nostrum.com> <A25E55DD-59E3-4F43-BE9A-6304378FAE0B@cisco.com> <CALiegf=mn1Lg6ihhf8hamn6rVpkLnF3ydGxm1tK1JaNMaioxoQ@mail.gmail.com> <CAEqTk6Q2Dv4a2P-8KJtK=xGZx=mmayt_YdagF2=JyoJ1oYQu7w@mail.gmail.com> <1E320318-64CE-4F8B-AB76-8C4A5244379A@cisco.com>
From: Iñaki Baz Castillo <ibc@aliax.net>
Date: Wed, 29 Jan 2014 19:17:40 +0100
Message-ID: <CALiegfmWXmOYu2gQj8b6=JgC2CfZoFJqebM=E6OrJ6j-QwLepg@mail.gmail.com>
To: "Cullen Jennings (fluffy)" <fluffy@cisco.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Cc: Ben Campbell <ben@nostrum.com>, DISPATCH <dispatch@ietf.org>, "rai@ietf.org" <rai@ietf.org>, "draft-pd-dispatch-msrp-websocket.all@tools.ietf.org" <draft-pd-dispatch-msrp-websocket.all@tools.ietf.org>
Subject: Re: [dispatch] [RAI] MSRP Expert Review of draft-pd-dispatch-msrp-websocket-04
Precedence: list

2014-01-29 Cullen Jennings (fluffy) <fluffy@cisco.com>:
> On Jan 29, 2014, at 10:16 AM, Peter Dunkley <peter.dunkley@crocodilertc.net> wrote:
>
>> Even if TLS is left as MUST all of the additional checks from the RFC cannot be enforced on the client because (in a browser) you don't have any access to that information.
>
> So help educate me on what is missing and lets go get that fixed in web sockets.

The browser inspects the certificate retrieved from the WS server in
the same way than when the browser connects to a HTTPS site. And the
certificate inspection means matching the server domain with the CN or
SubjectAltNames fields (DNS entries) and others usual checks.

-- 
Iñaki Baz Castillo
<ibc@aliax.net>

[dispatch] MSRP Expert Review of draft-pd-dispatc… Ben Campbell
Re: [dispatch] [RAI] MSRP Expert Review of draft-… Ben Campbell
Re: [dispatch] [RAI] MSRP Expert Review of draft-… Peter Dunkley
Re: [dispatch] [RAI] MSRP Expert Review of draft-… Ben Campbell
Re: [dispatch] [RAI] MSRP Expert Review of draft-… Peter Dunkley
Re: [dispatch] [RAI] MSRP Expert Review of draft-… Cullen Jennings (fluffy)
Re: [dispatch] [RAI] MSRP Expert Review of draft-… Iñaki Baz Castillo
Re: [dispatch] [RAI] MSRP Expert Review of draft-… Ben Campbell
Re: [dispatch] [RAI] MSRP Expert Review of draft-… Cullen Jennings (fluffy)
Re: [dispatch] [RAI] MSRP Expert Review of draft-… Iñaki Baz Castillo
Re: [dispatch] [RAI] MSRP Expert Review of draft-… Peter Dunkley
Re: [dispatch] [RAI] MSRP Expert Review of draft-… Mary Barnes
Re: [dispatch] [RAI] MSRP Expert Review of draft-… Peter Dunkley
Re: [dispatch] [RAI] MSRP Expert Review of draft-… Mary Barnes
Re: [dispatch] [RAI] MSRP Expert Review of draft-… Cullen Jennings (fluffy)
Re: [dispatch] [RAI] MSRP Expert Review of draft-… Ben Campbell
Re: [dispatch] [RAI] MSRP Expert Review of draft-… Iñaki Baz Castillo
Re: [dispatch] [RAI] MSRP Expert Review of draft-… Cullen Jennings (fluffy)
Re: [dispatch] [RAI] MSRP Expert Review of draft-… Peter Dunkley
Re: [dispatch] [RAI] MSRP Expert Review of draft-… Cullen Jennings (fluffy)
Re: [dispatch] [RAI] MSRP Expert Review of draft-… Peter Dunkley
Re: [dispatch] [RAI] MSRP Expert Review of draft-… Mary Barnes
Re: [dispatch] [RAI] MSRP Expert Review of draft-… DRAGE, Keith (Keith)
Re: [dispatch] [RAI] MSRP Expert Review of draft-… Olle E. Johansson
Re: [dispatch] [RAI] MSRP Expert Review of draft-… Olle E. Johansson
Re: [dispatch] [RAI] MSRP Expert Review of draft-… Cullen Jennings (fluffy)
Re: [dispatch] [RAI] MSRP Expert Review of draft-… Iñaki Baz Castillo
Re: [dispatch] MSRP Expert Review of draft-pd-dis… Peter Dunkley