IETF Logo Mail Archive

I-D Action: draft-ietf-httpbis-expect-ct-01.txt

internet-drafts@ietf.org Wed, 24 May 2017 22:00 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EDC57129B9C for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 24 May 2017 15:00:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.901
X-Spam-Level:
X-Spam-Status: No, score=-6.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UHKSXhW_M-0R for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 24 May 2017 15:00:53 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8B632129B81 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Wed, 24 May 2017 15:00:53 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.80) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1dDeH5-0002pH-HN for ietf-http-wg-dist@listhub.w3.org; Wed, 24 May 2017 21:56:59 +0000
Resent-Date: Wed, 24 May 2017 21:56:59 +0000
Resent-Message-Id: <E1dDeH5-0002pH-HN@frink.w3.org>
Received: from mimas.w3.org ([128.30.52.79]) by frink.w3.org with esmtps (TLS1.2:RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <internet-drafts@ietf.org>) id 1dDeGv-0002o4-F2 for ietf-http-wg@listhub.w3.org; Wed, 24 May 2017 21:56:49 +0000
Received: from mail.ietf.org ([4.31.198.44]) by mimas.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from <internet-drafts@ietf.org>) id 1dDeGo-0005Y4-F7 for ietf-http-wg@w3.org; Wed, 24 May 2017 21:56:43 +0000
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id BEE77129B81; Wed, 24 May 2017 14:56:15 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
Cc: ietf-http-wg@w3.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.51.0
Auto-Submitted: auto-generated
Message-ID: <149566297573.8692.530174270532868453@ietfa.amsl.com>
Date: Wed, 24 May 2017 14:56:15 -0700
Received-SPF: pass client-ip=4.31.198.44; envelope-from=internet-drafts@ietf.org; helo=mail.ietf.org
X-W3C-Hub-Spam-Status: No, score=-6.2
X-W3C-Hub-Spam-Report: AWL=0.050, BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_WL=-1
X-W3C-Scan-Sig: mimas.w3.org 1dDeGo-0005Y4-F7 2cbacf555a99effc3d2e358e0c63e18d
X-Original-To: ietf-http-wg@w3.org
Subject: I-D Action: draft-ietf-httpbis-expect-ct-01.txt
Archived-At: <http://www.w3.org/mid/149566297573.8692.530174270532868453@ietfa.amsl.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/33948
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Hypertext Transfer Protocol of the IETF.

        Title           : Expect-CT Extension for HTTP
        Author          : Emily Stark
	Filename        : draft-ietf-httpbis-expect-ct-01.txt
	Pages           : 17
	Date            : 2017-05-24

Abstract:
   This document defines a new HTTP header, named Expect-CT, that allows
   web host operators to instruct user agents to expect valid Signed
   Certificate Timestamps (SCTs) to be served on connections to these
   hosts.  When configured in enforcement mode, user agents (UAs) will
   remember that hosts expect SCTs and will refuse connections that do
   not conform to the UA's Certificate Transparency policy.  When
   configured in report-only mode, UAs will report the lack of valid
   SCTs to a URI configured by the host, but will allow the connection.
   By turning on Expect-CT, web host operators can discover
   misconfigurations in their Certificate Transparency deployments and
   ensure that misissued certificates accepted by UAs are discoverable
   in Certificate Transparency logs.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-httpbis-expect-ct/

There are also htmlized versions available at:
https://tools.ietf.org/html/draft-ietf-httpbis-expect-ct-01
https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-expect-ct-01

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-httpbis-expect-ct-01


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

v2.23.0 | Report a Bug | By Email