[saag] Re: Fwd: [Uri-review] [IANA #1449893] Registration of URI scheme 'cttps'
Deb Cooley <debcooley1@gmail.com> Wed, 13 May 2026 06:34 UTC
Return-Path: <debcooley1@gmail.com>
X-Original-To: saag@mail2.ietf.org
Delivered-To: saag@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id D18CCED8C275 for <saag@mail2.ietf.org>; Tue, 12 May 2026 23:34:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1778654059; bh=t+7Yt89cz1R9ZyD2If3XGwRF7v/ZVl3FpMgdJXxKm5M=; h=References:In-Reply-To:From:Date:Subject:To:Cc; b=SeM94yZN42uXWcl7JOJCAyfEPghWDMlk2I5Yq05k5gd9/HI+pw2XLeFF/VI2s+ZLy ZztK+8UmlhxLMHUF1T75eSVinzmTMIbfeXnjaiK/Vw3JMfOyAGGjbasMuv8D90YDPG z85yxPaqAggDyiM34ftyG8r4rsXY++37J+qdaoSU=
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -1.848
X-Spam-Level:
X-Spam-Status: No, score=-1.848 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rVvbQp0MCJh8 for <saag@mail2.ietf.org>; Tue, 12 May 2026 23:34:15 -0700 (PDT)
Received: from mail-dy1-x1330.google.com (mail-dy1-x1330.google.com [IPv6:2607:f8b0:4864:20::1330]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id E156DED8C26E for <saag@ietf.org>; Tue, 12 May 2026 23:34:15 -0700 (PDT)
Received: by mail-dy1-x1330.google.com with SMTP id 5a478bee46e88-2f36da5c8fbso6314135eec.0 for <saag@ietf.org>; Tue, 12 May 2026 23:34:15 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1778654055; cv=none; d=google.com; s=arc-20240605; b=lC5Z9PMPoHxSLLgtLlUrbM4oYo3fLPYHcTetthZvjvsGum53oj5z6upBnqwtVwGPwZ rvGIQQdJYG/IaSk6OCSsT+0WtyBoR+g/gtjLCoAsnXh9N+6pZmNZjs7EetUq9HsxzI17 K1n4gIDHSiQKeXdjOe1v8JhtQPa7/Tnf4rJmwwrMDOv9aQJ84ZoBXvAHzTph+BZR7KQv phXTXPFFCX5GdJyxfivJjxj80bQoFa6AojhAe4ib3GsctXxVlv6h4xeFDLGLaYFAyTRm tlLacnl2F5Qk1oJ8aGU42P7nfSoAAdXAqMq3wTb83nJ7s9Qbvq14JR0W/UQ1tItdY/Pa zMAA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:dkim-signature; bh=S56uaWejJq883HtR1f0gPymTfCstu2N22cEtaUP2eU4=; fh=UAJHy+L5SVlZWWTcCJTVDV/zNzEOPR9SmKXdcDvbyaA=; b=h1LG9LiFUsMZdSFYn5ezNLgCeHhC8M9NLubLJOLgTOfeMMRe3g+R5KE18wgvXaMib4 hCX1AL5WWitG5XnA6oLyLzv6mjZHQDz0fcOh1ief194ROijckwiTzshpBstwf9Ntn06u Ekxk5SD9EbLcg+DKoEww/eUOoiEFUSLoq9vq9jAJyClknPFiSYIy20nUYoouUBEl3alS ZTKpp0+f9UWk2yK/d7lCig/Hth49MrqElbIR3G6eAIIBH+39bR8jg94/VdIBBgk+o2Cw bfwJysTLPtW+pwsa65njtYBm36gt4Agb4hTcfu+yy9stvsEyW1Z0AcniUoEXl9foRhch 4aGQ==; darn=ietf.org
ARC-Authentication-Results: i=1; mx.google.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20251104; t=1778654055; x=1779258855; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=S56uaWejJq883HtR1f0gPymTfCstu2N22cEtaUP2eU4=; b=WQtwMInaluU7dNREFd4jZLmzKMZqwXheCN06GpsrYn/QXaOJynchuckClmgutH2eHq zLAj4kBIqq503ydYPJHgqigxZJio+F1vFHoZzA/R73M58aG2mcVFSGG/e0HFBk9knvfb A94PC/QGRJrI1otIXs+zhxdHTfpUn5lcLPcMecSM/DTd3WmnhNKYEV8Nh8XuhKnCrohu j5zKRunlKvwZ/oUEklIm1UL3z2VUUId8duLLFZm2jryNqmF3YWNrAAqLKxzFOwxhUMbW XRCLipUG9zpepvD1cOIjKWVctBWNaJdocTbOOkw8p7iIXSzVhG7dV4+VtKqRcz1h66F8 TGNA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1778654055; x=1779258855; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-gg:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=S56uaWejJq883HtR1f0gPymTfCstu2N22cEtaUP2eU4=; b=AL+wvxy+BB/Mmzgz77nAzh+AMHYyiJkVl0f7YBHfLVDSDdp9hHCeSLuxj4cut6CtoE UDsqf2KU9jGEdhjrkdwrRJU1mJAHss8sgiv7htbe4l+rmOtjn3wPcFAmSFf8+5pXBLkH 3rj6KBM/WD54Y1gArTe6AQqHdjKApREYdvNRieCTJUYu59HUEXtF+V3g3Bx23t1uDL49 BPwwy5BZMmeZtBCCzq7UzPhq/7GAVS3NwE6GE9ebLORwwvqnZubdpmKF9AGyffTOPwD2 DC6UUzbukrXWe7h3tcAD+yHNUWep2UdZsAWfHHWoxR7E1DhhLqUc53TKE6AwksmTYjsp PqxA==
X-Gm-Message-State: AOJu0Yze/uJWp+5NSR90/nqikreWoq22IX4LOf2wOnMgRpWAOzVEhyZK C7Ahl75T5cR5ha9FXrCYUgL2H8d1qwR7VSXVHHjdQa8Jk9LrXH6FoWLPdVZVI0ZhFjq4/2Uvm+W 9LMVvaDqDenIkz5RBV96i/W3dzP5dUjzbMqcqnA==
X-Gm-Gg: Acq92OEgiCZTUSDtF8kKOKd7OlyulojkMkgY52db0vx4UweSS0QLQrJAm4m/pDkfL7j lwhFJcRLhOhecdSzLA7EqN3MkoWhDpXuEPrdcustACaF8d4VQrWldnZEocF0ARlyBWtZthQ4hsw 9ppAR2RxVu01iZL5bR+6JwIEQk+xBdDlftu1eT3hgq7x7qoMMtPcYm905AV4pL115ARnipZw8Ig /6Gzyy8uvj4T5dssBr2yjyGOd1VtfFcDsQ9oiEFdOr4ViHfmpdDTcJMeRVvpbMuia+JU7/ofoar T/oyTb9Blna5X+hxtbc9oM9sF72kxZ6roZ6ckv+sha5RA7AcDn7fGrT18/sXDsWm
X-Received: by 2002:a05:7300:eb91:b0:2ed:e12:3769 with SMTP id 5a478bee46e88-3011a467d7cmr1161135eec.31.1778654054778; Tue, 12 May 2026 23:34:14 -0700 (PDT)
MIME-Version: 1.0
References: <rt-5.0.3-316737-1778544597-1483.1449893-37-0@icann.org> <15A28908-6B56-4AB6-ADB5-C6B5D14DCEA6@ninebynine.org>
In-Reply-To: <15A28908-6B56-4AB6-ADB5-C6B5D14DCEA6@ninebynine.org>
From: Deb Cooley <debcooley1@gmail.com>
Date: Wed, 13 May 2026 07:34:00 +0100
X-Gm-Features: AVHnY4LyUZVlgRr7IWtR-jYYAkngPWnTiDY2vKSatqXg1xCCpYxdkfZIfX4Cyw8
Message-ID: <CAGgd1OdE7WW06ue_WXc3BgRS_EdpvrvHkHy8jtnEtK9VF5MPWg@mail.gmail.com>
To: Graham Klyne <gk@ninebynine.org>
Content-Type: multipart/alternative; boundary="0000000000001d09600651ad2bf4"
Message-ID-Hash: 4A4D7DXQF4EWKYSFI4UJJJYXNV4HRI5Q
X-Message-ID-Hash: 4A4D7DXQF4EWKYSFI4UJJJYXNV4HRI5Q
X-MailFrom: debcooley1@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-saag.ietf.org-0; header-match-saag.ietf.org-1; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: saag@ietf.org, Mark Baker <mark@coactus.com>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [saag] Re: Fwd: [Uri-review] [IANA #1449893] Registration of URI scheme 'cttps'
List-Id: Security Area Advisory Group <saag.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/e0YyInKMZQrSMsbtA84HZ_XmIMU>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Owner: <mailto:saag-owner@ietf.org>
List-Post: <mailto:saag@ietf.org>
List-Subscribe: <mailto:saag-join@ietf.org>
List-Unsubscribe: <mailto:saag-leave@ietf.org>
To answer the question asked: It is impossible to separate security merits from a protocol such as TLS/SSL. In this case, as has been stated, the protocol being provisionally registered has many vulnerabilities. I certainly hope that there is little uptake. Deb Cooley Sec AD On Tue, May 12, 2026 at 8:29 AM Graham Klyne <gk@ninebynine.org> wrote: > I’m forwarding this for information, as I’m not sure if anyone in security > area would otherwise be aware of this. > > Provisional URI schemes are registered FCFS, without review, so there’s no > IETF-approved action here, but it feels to me a bit like a new generic > security transport being packaged as a web protocol. I wonder if such an > initiative, regardless of its security merits, should be a TLS/SSL option > rather than a new protocol scheme? I don’t know enough about security > protocols to judge. > > #g > > (Mark Baker cc’ed for information as current URI scheme reviewer.) > > > Sent from my iPhone > > Begin forwarded message: > > *From:* Sabrina Tanamal via RT <iana-prot-param@iana.org> > *Date:* 12 May 2026 at 01:10:45 BST > *To:* notdreampvp@gmail.com > *Cc:* uri-review@ietf.org > *Subject:* *[Uri-review] [IANA #1449893] Registration of URI scheme > 'cttps'* > *Reply-To:* iana-prot-param@iana.org > > Dear Saso, > > We've added provisional URI scheme "cttps" to the registry: > > https://www.iana.org/assignments/uri-schemes/prov/cttps > > Registry: https://www.iana.org/assignments/uri-schemes > > Per the designated expert for URI Schemes registry, we're also notifying > the uri-review@ietf.org mailing list that this provisional registration > has been completed. > > Best regards, > > Sabrina Tanamal > IANA > > _______________________________________________ > Uri-review mailing list -- uri-review@ietf.org > To unsubscribe send an email to uri-review-leave@ietf.org > > _______________________________________________ > saag mailing list -- saag@ietf.org > To unsubscribe send an email to saag-leave@ietf.org >
- [saag] Fwd: [Uri-review] [IANA #1449893] Registra… Graham Klyne
- [saag] Re: Fwd: [Uri-review] [IANA #1449893] Regi… Salz, Rich
- [saag] Re: Fwd: [Uri-review] [IANA #1449893] Regi… Paul Wouters
- [saag] Re: [Uri-review] Re: Re: Fwd: [IANA #14498… Ted Hardie
- [saag] Re: [Uri-review] Re: Re: Fwd: [IANA #14498… Paul Wouters
- [saag] Re: [Uri-review] Re: Re: Fwd: [IANA #14498… Mark Baker
- [saag] Re: [Uri-review] Re: Re: Fwd: [IANA #14498… Eric Rescorla
- [saag] Re: [Uri-review] Re: Re: Fwd: [IANA #14 49… S Moonesamy
- [saag] Re: Fwd: [Uri-review] [IANA #1449893] Regi… Deb Cooley