Re: https at ietf.org

"Marco Davids (Prive)" <mdavids@forfun.net> Wed, 06 November 2013 02:45 UTC

Message-ID: <5279AD41.4020707@forfun.net>
Date: Tue, 05 Nov 2013 18:45:21 -0800
From: "Marco Davids (Prive)" <mdavids@forfun.net>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:24.0) Gecko/20100101 Thunderbird/24.1.0
MIME-Version: 1.0
To: ietf@ietf.org
Subject: Re: https at ietf.org
References: <CAHBU6ivbrk=NXgd4_5Upik+8H0AbHRy3kJnN=8fcK+Bz3pOV9Q@mail.gmail.com> <alpine.LRH.2.01.1311051733570.4200@egate.xpasc.com> <01P0FR4HDQNG00004G@mauve.mrochek.com> <1614F470-50C9-46B1-8242-2AB967BBD87B@hopcount.ca>
In-Reply-To: <1614F470-50C9-46B1-8242-2AB967BBD87B@hopcount.ca>
List-Id: IETF-Discussion <ietf.ietf.org>

On 11/5/13 6:39 PM, Joe Abley wrote:
> On 2013-11-05, at 18:21, ned+ietf@mauve.mrochek.com wrote:
>
>> not every tool out there supports https.
> That seems like the kind of thing we want to change (security as an afterthought vs. security as a fundamental requirement).
>
Enabling 'HTTP Strict Transport Security' (HSTS, RFC6797) might be a
good first step.

--
Marco
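
An added example, not part of the original message: a small Python check of the `Strict-Transport-Security` response header that the HSTS suggestion above refers to, following the directive rules in RFC 6797 section 6.1. The function names, finding labels and the `MIN_MAX_AGE` threshold are assumptions made for this illustration.

```python
import re

MIN_MAX_AGE = 180 * 24 * 3600  # assumed review threshold, not from RFC 6797


def parse_hsts(value):
    """Return (max_age, include_subdomains), or None when malformed."""
    seen = {}
    # Simplification: assumes no ';' inside quoted values of unknown directives.
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue  # the grammar allows empty directives
        name, sep, val = part.partition("=")
        name = name.strip().lower()  # directive names are case-insensitive
        if name in seen:
            return None  # each directive may appear only once
        seen[name] = val.strip() if sep else None
    m = re.fullmatch(r'(\d+)|"(\d+)"', seen.get("max-age") or "")
    if m is None:
        return None  # max-age is required and must be delta-seconds
    if seen.get("includesubdomains") is not None:
        return None  # includeSubDomains takes no value
    return int(m.group(1) or m.group(2)), "includesubdomains" in seen


def audit(scheme, headers):
    """List findings for one response; headers is a list of (name, value)."""
    sts = [v for k, v in headers if k.lower() == "strict-transport-security"]
    if scheme != "https":
        # User agents ignore the header on insecure transport.
        return ["sent-over-http"] if sts else []
    if not sts:
        return ["missing"]
    findings = []
    if len(sts) > 1:
        findings.append("duplicate-header")  # only the first is processed
    policy = parse_hsts(sts[0])
    if policy is None:
        return findings + ["malformed"]
    max_age, include_subdomains = policy
    if max_age == 0:
        findings.append("max-age-zero")  # tells the browser to drop the policy
    elif max_age < MIN_MAX_AGE:
        findings.append("short-max-age")
    if not include_subdomains:
        findings.append("no-includesubdomains")
    return findings
```

Unrecognized directives are ignored rather than rejected, as the RFC requires of user agents.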