Re: [TLS] [certid] review of draft-saintandre-tls-server-id-check-09
"Henry B. Hotz" <hotz@jpl.nasa.gov> Wed, 22 September 2010 22:10 UTC
Return-Path: <hotz@jpl.nasa.gov>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 474B128C13A; Wed, 22 Sep 2010 15:10:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.468
X-Spam-Level:
X-Spam-Status: No, score=-6.468 tagged_above=-999 required=5 tests=[AWL=0.131, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mMoeWsCMfGgr; Wed, 22 Sep 2010 15:10:51 -0700 (PDT)
Received: from mail.jpl.nasa.gov (smtp.jpl.nasa.gov [128.149.139.106]) by core3.amsl.com (Postfix) with ESMTP id 2F99328C12C; Wed, 22 Sep 2010 15:10:51 -0700 (PDT)
Received: from laphotz.jpl.nasa.gov (laphotz.jpl.nasa.gov [128.149.133.44]) (authenticated (0 bits)) by smtp.jpl.nasa.gov (Switch-3.4.3/Switch-3.4.3) with ESMTP id o8MMBGxu000831 (using TLSv1/SSLv3 with cipher AES128-SHA (128 bits) verified NO); Wed, 22 Sep 2010 15:11:17 -0700
Mime-Version: 1.0 (Apple Message framework v1081)
Content-Type: text/plain; charset="us-ascii"
From: "Henry B. Hotz" <hotz@jpl.nasa.gov>
In-Reply-To: <4C9A382F.80501@stpeter.im>
Date: Wed, 22 Sep 2010 15:11:16 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <52B5123E-208D-44B6-BB95-92D5B44D4654@jpl.nasa.gov>
References: <sdwrqpyo06.fsf@wjh.hardakers.net> <4C9A382F.80501@stpeter.im>
To: Peter Saint-Andre <stpeter@stpeter.im>
X-Mailer: Apple Mail (2.1081)
X-Source-IP: laphotz.jpl.nasa.gov [128.149.133.44]
X-Source-Sender: hotz@jpl.nasa.gov
X-AUTH: Authorized
X-Mailman-Approved-At: Wed, 22 Sep 2010 16:56:39 -0700
Cc: "ietf@ietf.org" <ietf@ietf.org>, "certid@ietf.org" <certid@ietf.org>, "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] [certid] review of draft-saintandre-tls-server-id-check-09
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Sep 2010 22:10:54 -0000
On Sep 22, 2010, at 10:09 AM, Peter Saint-Andre wrote: > 2. A human user has explicitly agreed to trust a service that > provides mappings of source domains to target domains, such as a > dedicated discovery service or an identity service that securely > redirects requests from the source domain to a target domain > (however, such an arrangement is not encouraged and if a client > supports such a service then it needs to disable it by default > and carefully warn the user about the possible negative > consequences of trusting such a service). Pure wordsmithing. Make sure this still says what you want: 2. A human user has explicitly agreed to trust a service that provides mapping of source domains to target domains. For example the user may trust a dedicated discovery service or identity service that securely redirects requests from the source to a target domain. Such an arrangement is not encouraged. If a client supports such a service then it needs to disable it by default, and it MUST carefully warn the user about the possible negative consequences of trusting such a service. ------------------------------------------------------ The opinions expressed in this message are mine, not those of Caltech, JPL, NASA, or the US Government. Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu
- [TLS] review of draft-saintandre-tls-server-id-ch… Wes Hardaker
- Re: [TLS] [certid] review of draft-saintandre-tls… Sean Turner
- Re: [TLS] [certid] review of draft-saintandre-tls… Peter Saint-Andre
- Re: [TLS] review of draft-saintandre-tls-server-i… Peter Saint-Andre
- Re: [TLS] [certid] review of draft-saintandre-tls… Henry B. Hotz
- Re: [TLS] [certid] review of draft-saintandre-tls… Martin Rex
- Re: [TLS] [certid] review of draft-saintandre-tls… Marsh Ray
- Re: [TLS] [certid] review of draft-saintandre-tls… Martin Rex
- Re: [TLS] [certid] review of draft-saintandre-tls… Peter Saint-Andre
- Re: [TLS] [certid] review of draft-saintandre-tls… Peter Saint-Andre