Call for Adoption: Secondary Certificate Authentication in HTTP/2
Mark Nottingham <mnot@mnot.net> Fri, 24 June 2016 00:52 UTC
Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C132B12D0C0 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 23 Jun 2016 17:52:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.347
X-Spam-Level:
X-Spam-Status: No, score=-8.347 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-1.426, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Wwv6jX3DJvEQ for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Thu, 23 Jun 2016 17:52:45 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6CFF512D5CC for <httpbisa-archive-bis2Juki@lists.ietf.org>; Thu, 23 Jun 2016 17:45:51 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.80) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1bGFBm-0000hC-9e for ietf-http-wg-dist@listhub.w3.org; Fri, 24 Jun 2016 00:41:42 +0000
Resent-Date: Fri, 24 Jun 2016 00:41:42 +0000
Resent-Message-Id: <E1bGFBm-0000hC-9e@frink.w3.org>
Received: from lisa.w3.org ([128.30.52.41]) by frink.w3.org with esmtps (TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <mnot@mnot.net>) id 1bGFBg-0000gO-0E for ietf-http-wg@listhub.w3.org; Fri, 24 Jun 2016 00:41:36 +0000
Received: from mxout-07.mxes.net ([216.86.168.182]) by lisa.w3.org with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from <mnot@mnot.net>) id 1bGFBa-0008G2-8Q for ietf-http-wg@w3.org; Fri, 24 Jun 2016 00:41:35 +0000
Received: from [192.168.1.101] (unknown [120.149.194.112]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.mxes.net (Postfix) with ESMTPSA id 5FB4722E1F3 for <ietf-http-wg@w3.org>; Thu, 23 Jun 2016 20:41:06 -0400 (EDT)
From: Mark Nottingham <mnot@mnot.net>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Message-Id: <F9D2CFF3-57C2-41BD-ACB1-FA6C991458D7@mnot.net>
Date: Fri, 24 Jun 2016 10:41:03 +1000
To: HTTP Working Group <ietf-http-wg@w3.org>
Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\))
X-Mailer: Apple Mail (2.3124)
Received-SPF: pass client-ip=216.86.168.182; envelope-from=mnot@mnot.net; helo=mxout-07.mxes.net
X-W3C-Hub-Spam-Status: No, score=-8.3
X-W3C-Hub-Spam-Report: AWL=1.339, BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_DB=-1, W3C_IRA=-1, W3C_IRR=-3, W3C_WL=-1
X-W3C-Scan-Sig: lisa.w3.org 1bGFBa-0008G2-8Q ea6dd134bf8a1d7b1711ca4983a071ce
X-Original-To: ietf-http-wg@w3.org
Subject: Call for Adoption: Secondary Certificate Authentication in HTTP/2
Archived-At: <http://www.w3.org/mid/F9D2CFF3-57C2-41BD-ACB1-FA6C991458D7@mnot.net>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/31776
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
<https://tools.ietf.org/html/draft-bishop-httpbis-http2-additional-certs> We've discussed carrying certificates and related artefacts in HTTP for a long time. This draft from Mike and Martin is an evolution of several previous approaches. Please state whether you support adoption, and ideally why. Expressions of interest in implementation would also be very helpful. We'll wait at least one week before making a decision. Cheers, -- Mark Nottingham https://www.mnot.net/
- Re: Call for Adoption: Secondary Certificate Auth… Martin Thomson
- Re: Call for Adoption: Secondary Certificate Auth… Eric Rescorla
- RE: Call for Adoption: Secondary Certificate Auth… Mike Bishop
- Re: Call for Adoption: Secondary Certificate Auth… Eric Rescorla
- Re: Call for Adoption: Secondary Certificate Auth… Martin Thomson
- Re: Call for Adoption: Secondary Certificate Auth… Ilari Liusvaara
- Re: Call for Adoption: Secondary Certificate Auth… Martin Thomson
- Re: Call for Adoption: Secondary Certificate Auth… Nick Sullivan
- RE: Call for Adoption: Secondary Certificate Auth… Mike Bishop
- Re: Call for Adoption: Secondary Certificate Auth… Cory Benfield
- Re: Call for Adoption: Secondary Certificate Auth… Ilari Liusvaara
- Call for Adoption: Secondary Certificate Authenti… Mark Nottingham
- Re: Call for Adoption: Secondary Certificate Auth… Ilari Liusvaara
- Re: Call for Adoption: Secondary Certificate Auth… Martin Thomson
- Re: Call for Adoption: Secondary Certificate Auth… Ilari Liusvaara
- Re: Call for Adoption: Secondary Certificate Auth… Amos Jeffries
- RE: Call for Adoption: Secondary Certificate Auth… Mike Bishop
- Re: Call for Adoption: Secondary Certificate Auth… Patrick McManus
- Re: Call for Adoption: Secondary Certificate Auth… Kazuho Oku
- Re: Call for Adoption: Secondary Certificate Auth… Nick Sullivan