Re: https at ietf.org
"Marco Davids (Prive)" <mdavids@forfun.net> Thu, 07 November 2013 00:17 UTC
Return-Path: <mdavids@forfun.net>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 07D5721E811A for <ietf@ietfa.amsl.com>; Wed, 6 Nov 2013 16:17:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id phQp+ZeMFR4k for <ietf@ietfa.amsl.com>; Wed, 6 Nov 2013 16:17:05 -0800 (PST)
Received: from mail-ea0-x233.google.com (mail-ea0-x233.google.com [IPv6:2a00:1450:4013:c01::233]) by ietfa.amsl.com (Postfix) with ESMTP id E56D621E8185 for <ietf@ietf.org>; Wed, 6 Nov 2013 16:16:52 -0800 (PST)
Received: by mail-ea0-f179.google.com with SMTP id q15so91840ead.38 for <ietf@ietf.org>; Wed, 06 Nov 2013 16:16:51 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=forfun.net; s=google; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=Rf8oQ67Wld2U5i9KbO+me3cBq0kVEF+d3s/SzRX6DsI=; b=QC6zsam51PZsBYVrT18Za7LaZ+7U0t1iHk4GxM/8U7ETIElKq2E9aLERinHIKCBYw8 Dhe2rnLbTXvBpPpDGaoNZSezDqlJIA55BAk2WJUfja7AGIOkuUQeZ5AFZfQbNZ2Gz6OH OzVnoLk0zGbt1EYbncNXHbpoN83/3fHQkkcBo=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to :cc:subject:references:in-reply-to:content-type :content-transfer-encoding; bh=Rf8oQ67Wld2U5i9KbO+me3cBq0kVEF+d3s/SzRX6DsI=; b=lrnGILVFTHUj/XtKgCTq3lsHaPXKOXTlRTIopqXMfT39U2EFuotXOSKAdyESzR3Pwy bbyb4gYsZFxdX65P5XiJLow6jKYcRs0FYtxkBAf97gKztu5GuBK1bFGidSCkI3CWKnPD ZNLkw3D/hlr6GxCJ+F1/Y3OLW7HKwTpIfKIWEb9y3aRkaHTaPyY+pjVqDDm7Js64fq05 9a7LsivV4pImBnqMugypdlvq9EsmvsLJluDp3c6gFSPPhSRQqxx5CGDSFxhW8selYyzB /biwVIJb+4QvjdFPqgrfs5yrorWbzPDDaVwhLa70roIj6QfjvxDGAAiWoL33hi7g77oY tMTA==
X-Gm-Message-State: ALoCoQmVUa2ZymAd+vxhJHrZueazagIYXkW1Yo7cgHbQoFusUwD7e1bftzKI8jKskgyxXna7CP2H
X-Received: by 10.14.241.141 with SMTP id g13mr698985eer.75.1383783411244; Wed, 06 Nov 2013 16:16:51 -0800 (PST)
Received: from dhcp-ac6c.meeting.ietf.org ([2001:67c:370:168:796b:74aa:d55a:1311]) by mx.google.com with ESMTPSA id s3sm2007206eeo.3.2013.11.06.16.16.49 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 06 Nov 2013 16:16:50 -0800 (PST)
Message-ID: <527ADBEF.4080409@forfun.net>
Date: Wed, 06 Nov 2013 16:16:47 -0800
From: "Marco Davids (Prive)" <mdavids@forfun.net>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Thunderbird/24.1.0
MIME-Version: 1.0
To: "<ietf@ietf.org>" <ietf@ietf.org>
Subject: Re: https at ietf.org
References: <CAHBU6ivbrk=NXgd4_5Upik+8H0AbHRy3kJnN=8fcK+Bz3pOV9Q@mail.gmail.com> <alpine.LRH.2.01.1311051733570.4200@egate.xpasc.com> <01P0FR4HDQNG00004G@mauve.mrochek.com> <1614F470-50C9-46B1-8242-2AB967BBD87B@hopcount.ca> <5279AD41.4020707@forfun.net> <C565008C-0258-4472-BC0B-B6C2BF459AAB@checkpoint.com>
In-Reply-To: <C565008C-0258-4472-BC0B-B6C2BF459AAB@checkpoint.com>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Nov 2013 00:17:10 -0000
On 05/11/13 20:38, Yoav Nir wrote: >> Enabling 'HTTP Strict Transport Security' (HSTS, RFC6797) might be a >> good first step. > HSTS means that HTTP is off (or just redirects you to HTTPS). The first S stands for "strict" and we mean it. :-) > Well, not entirely; the redirect is strictly not part of HSTS. Without a redirect we give visitors an option; if you come in via http, fine... If you come in via https with a browser that understands HSTS, then it's https from that moment on. And once we're all used to that, we can add the redirect ;-) -- Marco
- Re: https at ietf.org Eric Burger
- https at ietf.org Tim Bray
- Re: https at ietf.org Joe Abley
- Re: https at ietf.org David Morris
- Re: https at ietf.org Paul Wouters
- Re: https at ietf.org Joe Abley
- Re: https at ietf.org ned+ietf
- Re: https at ietf.org Dean Willis
- Re: https at ietf.org Tim Bray
- Re: https at ietf.org Joe Abley
- Re: https at ietf.org Hector Santos
- Re: https at ietf.org Marco Davids (Prive)
- Re: https at ietf.org Hector Santos
- Re: https at ietf.org ned+ietf
- Re: https at ietf.org Yoav Nir
- Re: https at ietf.org Måns Nilsson
- Re: https at ietf.org Eric Burger
- Re: https at ietf.org Dave Cridland
- Re: https at ietf.org Thiago Marinello
- Re: https at ietf.org Bjoern Hoehrmann
- Re: https at ietf.org John C Klensin
- Re: https at ietf.org John C Klensin
- Re: https at ietf.org Ted Lemon
- authentication without https (was Re: https at ie… Dave Crocker
- Re: https at ietf.org ned+ietf
- Re: https at ietf.org ned+ietf
- Re: authentication without https (was Re: https a… Ted Lemon
- Re: https at ietf.org MAISONNEUVE, JULIEN (JULIEN)
- Re: https at ietf.org Eric Burger
- Re: https at ietf.org Marco Davids (Prive)
- Re: https at ietf.org Yoav Nir
- Re: https at ietf.org Måns Nilsson
- Re: https at ietf.org ned+ietf
- Re: https at ietf.org Carsten Bormann
- Re: https at ietf.org Ted Lemon
- Re: https at ietf.org Carsten Bormann
- Re: https at ietf.org Måns Nilsson
- Re: https at ietf.org Måns Nilsson
- Re: https at ietf.org t.p.
- Re: https at ietf.org Dave Cridland
- Re: https at ietf.org David Conrad
- Re: https at ietf.org Arturo Servin
- Re: https at ietf.org ned+ietf
- Re: https at ietf.org ned+ietf
- Re: https at ietf.org Noel Chiappa
- Re: https at ietf.org Dave Cridland
- Re: https at ietf.org Chris Inacio
- Re: https at ietf.org Noel Chiappa
- Re: https at ietf.org Tim Bray
- Re: https at ietf.org Tim Bray
- Re: https at ietf.org Yoav Nir
- Re: https at ietf.org t.p.
- Re: https at ietf.org Noel Chiappa
- Re: https at ietf.org ned+ietf
- Re: https at ietf.org David Conrad
- Re: https at ietf.org Chris Inacio
- Re: https at ietf.org Martin Rex
- Re: https at ietf.org ned+ietf
- Re: https at ietf.org ned+ietf
- Re: https at ietf.org Martin Rex
- Re: https at ietf.org Ted Lemon
- Re: https at ietf.org Måns Nilsson
- Re: https at ietf.org Ted Lemon
- Re: https at ietf.org Douglas Otis
- Re: https at ietf.org Pranesh Prakash
- Re: https at ietf.org Pranesh Prakash
- Re: https at ietf.org Martin Rex
- Re: https at ietf.org Dave Cridland
- Re: https at ietf.org John R Levine
- Re: https at ietf.org Ted Lemon
- Re: https at ietf.org Eric Burger
- Re: https at ietf.org Joe Abley
- Re: https at ietf.org Ted Lemon
- Re: https at ietf.org Joe Abley
- Coercion S Moonesamy
- Re: https at ietf.org David Conrad
- Re: https at ietf.org Ted Lemon
- Re: https at ietf.org David Conrad
- Re: https at ietf.org Ted Lemon
- Re: https at ietf.org John Levine
- Re: https at ietf.org David Conrad
- Re: https at ietf.org Michael Richardson
- Reconstruct the key S Moonesamy
- Re: https at ietf.org Randy Bush
- Re: https at ietf.org Randy Bush
- Re: https at ietf.org Joe Abley
- Re: https at ietf.org David Conrad
- Re: https at ietf.org Sean Turner
- Re: https at ietf.org Phillip Hallam-Baker
- Re: https at ietf.org David Conrad
- Re: https at ietf.org Phillip Hallam-Baker
- Re: https at ietf.org David Conrad
- Re: https at ietf.org Doug Barton
- Re: https at ietf.org Doug Barton
- Re: [IETF] https at ietf.org Warren Kumari
- Re: [IETF] https at ietf.org Michael Richardson
- Re: https at ietf.org Phillip Hallam-Baker
- Re: https at ietf.org David Conrad
- Re: https at ietf.org Doug Barton
- Re: https at ietf.org Phillip Hallam-Baker
- Re: https at ietf.org Doug Barton
- Re: https at ietf.org Phillip Hallam-Baker
- Re: https at ietf.org Mark Andrews
- Re: https at ietf.org Phillip Hallam-Baker
- Re: https at ietf.org John C Klensin
- Re: https at ietf.org Doug Barton
- Re: https at ietf.org Phillip Hallam-Baker
- Re: https at ietf.org Douglas Otis