Re: [saag] IETF 93 Agenda Request - Key Discovery

Russ Housley <housley@vigilsec.com> Thu, 23 July 2015 12:46 UTC

To: Richard Barnes <rlb@ipv.sx>
Archived-At: <http://mailarchive.ietf.org/arch/msg/saag/jn9Kl8_NPC_bYwU5aOfF7-wfo8s>
Cc: IETF SAAG <saag@ietf.org>

>>> However, do not confuse RFC 7565 "acct:" URIs for email addresses.
>>> Yes, they look a lot like an email address, as a "xmpp:" or "sip:" URI
>>> can look a lot like an email address.  The "acct:" URI is for a
>>> generic account identifier; it could be a placeholder to email, IM,
>>> VoIP, filesharing, etc.
>>> 
>>> My draft is intended for more than email.
>> 
>> A major difficulty is that email addresses and "accounts", are not
>> necessarily in one to one correspondence or even "few to one"
>> correspondence.
> 
> This doesn't actually matter.  WebFinger lets you put any URI in the
> "resource" field.  So just use a "mailto" URI if you're sad about
> "acct".  The document should probably say that, and probably say you
> should return the same thing in either case.

RFC 4387 provides a means to find an X.509 certificate using HTTP.  It seems pretty straightforward.  Do we have any running code for it?

Russ
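
The point in the quoted reply, that either an "acct" or a "mailto" URI can go in the WebFinger "resource" parameter and should yield the same answer, as an added example that is not part of the original message. The link relation, host names and JRD documents are constructed placeholders; only the /.well-known/webfinger path and the "resource" and "rel" parameters come from RFC 7033.

```python
from urllib.parse import quote, unquote, urlsplit

# Placeholder link relation for a key lookup; not taken from any draft.
KEY_REL = "http://example.org/rel/public-key"


def webfinger_url(resource, rel=None):
    """Build the RFC 7033 query URL for an acct: or mailto: resource."""
    parts = urlsplit(resource)
    if parts.scheme not in ("acct", "mailto"):
        raise ValueError("unsupported scheme: %r" % parts.scheme)
    # mailto: may carry several recipients or header fields; neither
    # form names exactly one account, so refuse it for key discovery.
    if parts.query or "," in parts.path:
        raise ValueError("resource must name exactly one address")
    local, at, host = unquote(parts.path).rpartition("@")
    if not (local and at and host):
        raise ValueError("resource needs the form user@host")
    # The whole URI, scheme included, is percent-encoded into 'resource'.
    query = "resource=" + quote(resource, safe="")
    if rel:
        query += "&rel=" + quote(rel, safe="")
    return "https://%s/.well-known/webfinger?%s" % (host.lower(), query)


def links_of(jrd):
    """Reduce a JRD to the (rel, href) pairs a key lookup would consume."""
    return {(l.get("rel"), l.get("href")) for l in jrd.get("links", [])}


def same_answer(jrd_a, jrd_b):
    """True when two JRDs advertise identical links, whatever 'subject' says."""
    return links_of(jrd_a) == links_of(jrd_b)


# Constructed sample responses for the two spellings of one identity.
_LINK = {"rel": KEY_REL, "href": "https://example.com/keys/bob.pem"}
JRD_ACCT = {"subject": "acct:bob@example.com", "links": [_LINK]}
JRD_MAILTO = {"subject": "mailto:bob@example.com", "links": [dict(_LINK)]}
# A server that answers the two URIs differently (constructed).
JRD_DRIFT = {"subject": "mailto:bob@example.com",
             "links": [{"rel": KEY_REL, "href": "https://example.com/keys/old.pem"}]}

if __name__ == "__main__":
    for uri in ("acct:bob@example.com", "mailto:bob@example.com"):
        print(webfinger_url(uri, KEY_REL))
    print(same_answer(JRD_ACCT, JRD_MAILTO), same_answer(JRD_ACCT, JRD_DRIFT))
```
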