Re: [TLS] who do I poke to fix the URLs in the header?

Roland Zink <roland@zinks.de> Thu, 30 April 2015 13:38 UTC

Message-ID: <5542303D.2080604@zinks.de>
Date: Thu, 30 Apr 2015 15:38:05 +0200
From: Roland Zink <roland@zinks.de>
To: tls@ietf.org
References: <201504292035.21721.davemgarrett@gmail.com> <5541E286.2090001@cs.tcd.ie>
In-Reply-To: <5541E286.2090001@cs.tcd.ie>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/d0Dq4SK1ScKpKgMMFLMnGwA-gqs>
Subject: Re: [TLS] who do I poke to fix the URLs in the header?
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>

Hi Stephen,

Does this mean that in order to implement TLS (read the specification)
you need to use TLS (know how it is working)? Is it possible to let the 
client decide and offer alternate services when the client does not use 
https?

Regards,
Roland


On 30.04.2015 10:06, Stephen Farrell wrote:
> Hi Dave,
>
> That brings in a bunch of things including tools, boilerplate
> issues and policy stuff ("do we want an https-everything like
> thing for the IETF?"). Good questions to ask though so I'll put
> that on the IESG's agenda for some meetings we're having next
> week. Please hassle me in 2-3 weeks if you don't hear something
> back.
>
> Cheers,
> S.
>
> On 30/04/15 01:35, Dave Garrett wrote:
>> https://tlswg.github.io/tls13-spec/
>> https://tools.ietf.org/html/draft-ietf-tls-tls13-05
>>
>> Where does the "Status of This Memo" and "Copyright Notice" text get pulled from? There seems to be some black magic involved in the build process, and I don't see where that text lives. I'd like to request the two URLs be updated, but I don't know where to ask.
>>
>> status has:
>> http://datatracker.ietf.org/drafts/current/
>> which redirects to:
>> http://datatracker.ietf.org/doc/active/
>> which does support TLS, and should be:
>> https://datatracker.ietf.org/doc/active/
>>
>> copyright has:
>> http://trustee.ietf.org/license-info
>> which redirects to:
>> http://trustee.ietf.org/trust-legal-provisions.html
>> which does support TLS, and should be:
>> https://trustee.ietf.org/trust-legal-provisions.html
>> the initial URL also supports TLS, so this works:
>> https://trustee.ietf.org/license-info
>> however that redirects to HTTP, not HTTPS (...sigh)
>>
>> So, yeah... I'd like the new TLS spec to actually attempt to use TLS in its URLs, where possible. To do this needs:
>> 1) Update those two URLs in the template for these sections to use the HTTPS equivalent (in the case of "status", also change "current" to "active").
>> 2) Get someone to fix the redirects on trustee.ietf.org to redirect to HTTPS, at minimum when already coming from HTTPS.
>>
>> Actually using TLS by default might also be a plan...
>>
>> As to other URLs in the document, I added a couple 's'es in my minor fixes branch/PR. There are additional domains that do support HTTPS, technically, but they get cert errors... because of course they do.
>>
>> The RFC references have an odd inconsistency here. In the numbered working group drafts, they properly generate with HTTPS links:
>> https://tools.ietf.org/html/draft-ietf-tls-tls13-05#section-13.1
>> However, in the editor's copy (draft-ietf-tls-tls13-latest), they generate with HTTP links:
>> https://tlswg.github.io/tls13-spec/#rfc.references.1
>>
>> That needs fixing if just for consistency.
>>
>> Also, tools.ietf.org should of course be using HTTPS by default, but it's not.
>>
>>
>> Dave
>>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
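
Added example, not part of the original thread: a small offline audit of the two redirect chains Dave Garrett describes, flagging HTTPS-to-HTTP downgrade hops and published plaintext links on hosts that serve TLS. The chains are the ones recorded in the 2015 post, not live results; `audit_chain`, `to_https` and `TLS_HOSTS` are names made up for this example.

```python
from urllib.parse import urlsplit

# Redirect chains as recorded in the quoted post (first URL = link as followed).
STATUS = ["http://datatracker.ietf.org/drafts/current/",
          "http://datatracker.ietf.org/doc/active/"]
COPYRIGHT_HTTPS = ["https://trustee.ietf.org/license-info",
                   "http://trustee.ietf.org/trust-legal-provisions.html"]
# Hosts the post states support TLS (assumption carried over from the post).
TLS_HOSTS = {"datatracker.ietf.org", "trustee.ietf.org"}


def to_https(url):
    """Return url with only its scheme changed to https."""
    return urlsplit(url)._replace(scheme="https").geturl()


def audit_chain(chain, tls_hosts):
    """Audit one redirect chain; tls_hosts are hosts verified to serve HTTPS."""
    findings = []
    # A hop that leaves HTTPS for HTTP discards the protection the client had.
    for src, dst in zip(chain, chain[1:]):
        if urlsplit(src).scheme == "https" and urlsplit(dst).scheme == "http":
            findings.append(("downgrade", src, dst))
    # A published http:// link on a TLS-capable host can simply be upgraded.
    first = urlsplit(chain[0])
    if first.scheme == "http" and first.hostname in tls_hosts:
        findings.append(("plaintext-link", chain[0], to_https(chain[0])))
    # Suggest linking straight to the final target, over HTTPS when supported.
    last = chain[-1]
    suggested = to_https(last) if urlsplit(last).hostname in tls_hosts else last
    return {"findings": findings, "suggested": suggested}


if __name__ == "__main__":
    for chain in (STATUS, COPYRIGHT_HTTPS):
        print(audit_chain(chain, TLS_HOSTS))
```

The suggested URLs match the replacements requested in the post; a host missing from `tls_hosts` is left unchanged rather than guessed at.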