Re: Last Call: RFC 2818 (HTTP Over TLS) to Proposed Standard
Peter Saint-Andre <stpeter@stpeter.im> Mon, 11 June 2012 20:31 UTC
Return-Path: <stpeter@stpeter.im>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0EFAA21F8629 for <ietf@ietfa.amsl.com>; Mon, 11 Jun 2012 13:31:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level:
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lUg-dzjCBvBz for <ietf@ietfa.amsl.com>; Mon, 11 Jun 2012 13:31:24 -0700 (PDT)
Received: from stpeter.im (mailhost.stpeter.im [207.210.219.225]) by ietfa.amsl.com (Postfix) with ESMTP id 228F721F85CD for <ietf@ietf.org>; Mon, 11 Jun 2012 13:31:24 -0700 (PDT)
Received: from [64.101.72.115] (unknown [64.101.72.115]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id 9F3B640081; Mon, 11 Jun 2012 14:48:29 -0600 (MDT)
Message-ID: <4FD65599.8020807@stpeter.im>
Date: Mon, 11 Jun 2012 14:31:21 -0600
From: Peter Saint-Andre <stpeter@stpeter.im>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:13.0) Gecko/20120601 Thunderbird/13.0
MIME-Version: 1.0
To: Alexey Melnikov <alexey.melnikov@isode.com>
Subject: Re: Last Call: RFC 2818 (HTTP Over TLS) to Proposed Standard
References: <20120601164205.25357.54620.idtracker@ietfa.amsl.com> <6.2.5.6.2.20120601123737.0acca170@resistor.net> <A33D3784-6B07-46FA-9600-50CADF6EE4DF@isode.com>
In-Reply-To: <A33D3784-6B07-46FA-9600-50CADF6EE4DF@isode.com>
X-Enigmail-Version: 1.4.2
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Cc: SM <sm@resistor.net>, Mark Nottingham <mnot@mnot.net>, "ietf@ietf.org" <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Jun 2012 20:31:25 -0000
On 6/10/12 11:39 AM, Alexey Melnikov wrote: > Adding to what SM already wrote (and yes, I've reread the whole > document): > > On 1 Jun 2012, at 21:23, SM <sm@resistor.net> wrote: > >> At 09:42 01-06-2012, IESG Secretary wrote: >>> The IESG has received a request from the TLS Working Group to >>> reclassify RFC 2818 (HTTP Over TLS) to Proposed Standard. >>> >>> The IESG plans to make a decision in the next few weeks, and >>> solicits final comments on this action. Please send substantive >>> comments to the ietf at ietf.org mailing lists by >> >> Could the IESG please use ietf@ietf.org instead of obfuscating the >> email address? Some of us are lazy especially on Fridays. >> >> Erratum #1077 has been classified as "Held for Document Update". >> Will there ever be a document update? Implementing this >> specification requires HTTP/1.1 and TLS 1.0. I suggest updating >> the reference to RFC 4346 at least and waiting for the updated HTTP >> specifications. >> > > Yes, it would be worth doing that if the document is reopened. > >> St. Andre and Mr. Hodges authored a Proposed Standard called >> "Representation and Verification of Domain-Based Application >> Service Identity within Internet Public Key Infrastructure Using >> X.509 (PKIX) Certificates in the Context of Transport Layer >> Security (TLS)". Quoting from Section 1.4: >> >> "the procedures described here can be referenced by future >> specifications, including updates to specifications for existing >> application protocols if the relevant technology communities agree >> to do so." >> >> May I suggest taking the above into consideration and at least put >> some minimal effort into a 2818bis? >> > > Not surprisingly I agree with you. > > Also note that HTTPBis WG has folded the updated definition of > https:// URI schemes (Section 2.4 of RFC 2818) into one of its > documents. I think it would be good to make it clear to readers which > document defines the URI scheme. RFC 2818 is extremely minimal in its description of the 'https' URI scheme. At least draft-ietf-httpbis-p1-messaging is a bit more complete. However, the IANA Considerations of the latter document need to be modified so that they instruct the IANA to change the data in the URI schemes registry. > As far as reopening the document is concerned: I slightly prefer to > do rfc2818bis although I understand that doing a -bis always takes > longer than originally anticipated. Agreed. Peter -- Peter Saint-Andre https://stpeter.im/
- Re: Last Call: RFC 2818 (HTTP Over TLS) to Propos… SM
- Re: Last Call: RFC 2818 (HTTP Over TLS) to Propos… Alexey Melnikov
- Re: Last Call: RFC 2818 (HTTP Over TLS) to Propos… Peter Saint-Andre
- Re: Last Call: RFC 2818 (HTTP Over TLS) to Propos… Julian Reschke
- Re: Last Call: RFC 2818 (HTTP Over TLS) to Propos… Peter Saint-Andre