Re: [TLS] who do I poke to fix the URLs in the header?
Dave Garrett <davemgarrett@gmail.com> Thu, 30 April 2015 13:33 UTC
Return-Path: <davemgarrett@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0A6391B29F4 for <tls@ietfa.amsl.com>; Thu, 30 Apr 2015 06:33:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oBdu01jtHpTz for <tls@ietfa.amsl.com>; Thu, 30 Apr 2015 06:33:52 -0700 (PDT)
Received: from mail-qk0-x22f.google.com (mail-qk0-x22f.google.com [IPv6:2607:f8b0:400d:c09::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 189DA1B29F0 for <tls@ietf.org>; Thu, 30 Apr 2015 06:33:52 -0700 (PDT)
Received: by qkgx75 with SMTP id x75so32915907qkg.1 for <tls@ietf.org>; Thu, 30 Apr 2015 06:33:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:subject:date:user-agent:cc:references:in-reply-to :mime-version:content-type:content-transfer-encoding:message-id; bh=L/qHeFFKxarTHaTEDZqC+dvwbk6TKKnS8366tsjAAM8=; b=S85PMxsJawEakzJG48v55pb5a/b3Q149i7Ng28PGulq8ddCHuPefj900OR2c+YO3aS 3klDWyT/G23B37Zk19/u1F/5w1y+tyK+Wlw2qTCK6hNux9OOQEG29JOe+iyVDiVIvkFM cQuxOfF+45NQPSPS3nkB0vYMkc6UOeDwibrOmVe+VBx7avZxuE/qv7MLkevv0vvQvlAv kQsFRkdhiBMbb4t2EFllD4/AnpYIM0TASBa08TZlimJdkxTzMg3Qt5mso3sHzK0Xwufd J8DbuwYT3cjCaCIGZ7/MNlaIGPhdDoChit8d0dJRSNHIko8FX+i/kmLl+hyu8s3bjl9n C75w==
X-Received: by 10.140.235.16 with SMTP id g16mr4648513qhc.55.1430400831364; Thu, 30 Apr 2015 06:33:51 -0700 (PDT)
Received: from dave-laptop.localnet (pool-96-245-254-195.phlapa.fios.verizon.net. [96.245.254.195]) by mx.google.com with ESMTPSA id a82sm1193186qka.0.2015.04.30.06.33.50 (version=TLSv1 cipher=RC4-SHA bits=128/128); Thu, 30 Apr 2015 06:33:50 -0700 (PDT)
From: Dave Garrett <davemgarrett@gmail.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Date: Thu, 30 Apr 2015 09:33:49 -0400
User-Agent: KMail/1.13.5 (Linux/2.6.32-73-generic-pae; KDE/4.4.5; i686; ; )
References: <201504292035.21721.davemgarrett@gmail.com> <5541E286.2090001@cs.tcd.ie>
In-Reply-To: <5541E286.2090001@cs.tcd.ie>
MIME-Version: 1.0
Content-Type: Text/Plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-Id: <201504300933.49582.davemgarrett@gmail.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/Iw_BHlajoBZ9WDAcvotREFqrPY0>
Cc: tls@ietf.org
Subject: Re: [TLS] who do I poke to fix the URLs in the header?
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Apr 2015 13:33:54 -0000
Thanks. Note that while I am asking about policy, in that I think having HTTPS used for all IETF servers by default is a good idea, that is not the primary issue I'm bringing up here. At the moment, I'd just like the URLs updated to use HTTPS for what already supports it.
As to the normative & informative references, the I-D uses relative URLs and the Editor's Copy uses absolute HTTP URLs, which is what seems to cause the inconsistency of not using the same scheme when loading the pages over HTTPS. The Editor's Copy could use double-slash relative URLs to get the same effect, at minimum. Just using HTTPS links for everything would be simpler, though.
Dave
On Thursday, April 30, 2015 04:06:30 am Stephen Farrell wrote:
>
> Hi Dave,
>
> That brings in a bunch of things including tools, boilerplate
> issues and policy stuff ("do we want an https-everything like
> thing for the IETF?"). Good questions to ask though so I'll put
> that on the IESG's agenda for some meetings we're having next
> week. Please hassle me in 2-3 weeks if you don't hear something
> back.
>
> Cheers,
> S.
>
> On 30/04/15 01:35, Dave Garrett wrote:
> > https://tlswg.github.io/tls13-spec/
> > https://tools.ietf.org/html/draft-ietf-tls-tls13-05
> >
> > Where does the "Status of This Memo" and "Copyright Notice" text get pulled from? There seems to be some black magic involved in the build process, and I don't see where that text lives. I'd like to request the two URLs be updated, but I don't know where to ask.
> >
> > status has:
> > http://datatracker.ietf.org/drafts/current/
> > which redirects to:
> > http://datatracker.ietf.org/doc/active/
> > which does support TLS, and should be:
> > https://datatracker.ietf.org/doc/active/
> >
> > copyright has:
> > http://trustee.ietf.org/license-info
> > which redirects to:
> > http://trustee.ietf.org/trust-legal-provisions.html
> > which does support TLS, and should be:
> > https://trustee.ietf.org/trust-legal-provisions.html
> > the initial URL also supports TLS, so this works:
> > https://trustee.ietf.org/license-info
> > however that redirects to HTTP, not HTTPS (...sigh)
> >
> > So, yeah... I'd like the new TLS spec to actually attempt to use TLS in its URLs, where possible. To do this needs:
> > 1) Update those two URLs in the template for these sections to use the HTTPS equivalent (in the case of "status", also change "current" to "active").
> > 2) Get someone to fix the redirects on trustee.ietf.org to redirect to HTTPS, at minimum when already coming from HTTPS.
> >
> > Actually using TLS by default might also be a plan...
> >
> > As to other URLs in the document, I added a couple 's'es in my minor fixes branch/PR. There are additional domains that do support HTTPS, technically, but they get cert errors... because of course they do.
> >
> > The RFC references have an odd inconsistency here. In the numbered working group drafts, they properly generate with HTTPS links:
> > https://tools.ietf.org/html/draft-ietf-tls-tls13-05#section-13.1
> > However, in the editor's copy (draft-ietf-tls-tls13-latest), they generate with HTTP links:
> > https://tlswg.github.io/tls13-spec/#rfc.references.1
> >
> > That needs fixing if just for consistency.
> >
> > Also, tools.ietf.org should of course be using HTTPS by default, but it's not.
> >
> >
> > Dave
> >
> > _______________________________________________
> > TLS mailing list
> > TLS@ietf.org
> > https://www.ietf.org/mailman/listinfo/tls
- Re: [TLS] who do I poke to fix the URLs in the he… Stephen Farrell
- [TLS] who do I poke to fix the URLs in the header? Dave Garrett
- Re: [TLS] who do I poke to fix the URLs in the he… Stephen Farrell
- Re: [TLS] who do I poke to fix the URLs in the he… Dave Garrett
- Re: [TLS] who do I poke to fix the URLs in the he… Roland Zink
- Re: [TLS] who do I poke to fix the URLs in the he… Stephen Farrell
- Re: [TLS] who do I poke to fix the URLs in the he… Dave Garrett
- Re: [TLS] who do I poke to fix the URLs in the he… Stephen Farrell
- Re: [TLS] who do I poke to fix the URLs in the he… Xiaoyin Liu
- Re: [TLS] who do I poke to fix the URLs in the he… Stephen Farrell