From: Russ Housley <housley@vigilsec.com>
In-Reply-To: <55F9AF04.8000900@labn.net>
Date: Wed, 16 Sep 2015 15:13:47 -0400
Message-Id: <B5801851-860B-435C-AFC2-3CD68035F9F7@vigilsec.com>
To: Lou Berger <lberger@labn.net>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tools-development/EOY0mfxbAjxFXu6kkRiVAShaj78>
Cc: tools-development@ietf.org
Subject: Re: [TOOLS-DEVELOPMENT] ical server issue

Lou:

Time is part of the TLS handshake nonce.  But, no one checks it.  In
fact, in TLS 1.3 it is being replaced with random bits.

Russ


On Sep 16, 2015, at 2:03 PM, Lou Berger wrote:

> I think ssl includes a time exchange, but I'm certainly not informed
> (let alone an expert) on this topic...
>
> On 09/16/2015 01:51 PM, Benson Schliesser wrote:
>> No, I think my "shot in the dark" was just a miss... I just spent a few
>> minutes just now looking at the cert, http headers, etc, and it all
>> seems correct to me. Sorry.
>> -B
>>
>> On Wed, Sep 16, 2015 at 1:14 PM, Glen <glen@amsl.com
>> <mailto:glen@amsl.com>> wrote:
>>
>>    Hi Benson -
>>
>>    The iCal server is using the same global wildcard certificate that
>>    the rest of the IETF services are using.
>>
>>    I just reviewed it, and the time zone information appears to be
>>    correctly set.   The expiration date, for example, is:
>>
>>    8/11/2016 16:12:50 PM (8/11/2016 23:12:50 PM GMT)
>>
>>    Which seems to be more-or-less correct....
>>
>>    Apologies if I'm missing something or looking in the wrong place?
>>
>>    Glen
>>
>>    On Wed, Sep 16, 2015 at 10:06 AM, Benson Schliesser
>>    <bensons@queuefull.net <mailto:bensons@queuefull.net>> wrote:
>>
>>        Just a shot in the dark:  Given that this issue presents itself
>>        when Google Calendar pulls ical info via HTTPS, it occurs to me
>>        that perhaps the issue is with timezone info in the server's
>>        certificate..?
>>        -B
>>
>>        On Wed, Sep 16, 2015 at 12:43 PM, Glen <glen@amsl.com
>>        <mailto:glen@amsl.com>> wrote:
>>
>>            Understood.  I'll make sure everyone here knows this, and if
>>            we locate any web pages with the less-desirable link, I'll
>>            make sure they get updated.
>>
>>            Thanks,
>>            Glen
>>
>>            On Wed, Sep 16, 2015 at 9:40 AM, Lou Berger
>>            <lberger@labn.net <mailto:lberger@labn.net>> wrote:
>>
>>                On 9/16/2015 12:30 PM, Glen wrote:
>>> ...
>>> Interesting find about the https:// though...
>>                ..
>>
>>                Given the work around, I'm going to move on to other
>>                things.  As we scale out ical services, and more google
>>                users show up, we'll need to address this.  Certainly
>>                publishing the http version as 1st choice for public
>>                calendars will avoid most of this.
>>
>>                Thanks,
>>                Lou
>>
>>                _______________________________________________
>>                TOOLS-DEVELOPMENT mailing list
>>                TOOLS-DEVELOPMENT@ietf.org
>>                <mailto:TOOLS-DEVELOPMENT@ietf.org>
>>                https://www.ietf.org/mailman/listinfo/tools-development
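
Added example, not part of the thread and not code from any TLS library: in TLS 1.2 (RFC 5246) the 32-byte hello Random is laid out as a 4-byte `gmt_unix_time` followed by 28 random bytes, which is the time field the reply above refers to. The code below reads that field from a hello record and shows what a peer would compute as clock skew when the field holds a real timestamp versus when all 32 bytes are opaque; the records, byte values and function names are constructed for this example.

```python
import struct
from datetime import datetime, timezone

HANDSHAKE, CLIENT_HELLO, SERVER_HELLO = 0x16, 1, 2


def build_hello(random32: bytes, msg_type: int = CLIENT_HELLO) -> bytes:
    """Constructed sample: a hello record cut off after the session_id length."""
    body = b"\x03\x03" + random32 + b"\x00"  # version, Random, empty session_id
    hs = bytes([msg_type]) + len(body).to_bytes(3, "big") + body
    return bytes([HANDSHAKE]) + b"\x03\x01" + struct.pack(">H", len(hs)) + hs


def hello_random(record: bytes) -> bytes:
    """Return the 32-byte Random from a ClientHello/ServerHello record."""
    if len(record) < 5 or record[0] != HANDSHAKE:
        raise ValueError("not a TLS handshake record")
    (rec_len,) = struct.unpack(">H", record[3:5])
    hs = record[5:5 + rec_len]
    if len(hs) < 38 or hs[0] not in (CLIENT_HELLO, SERVER_HELLO):
        raise ValueError("not a complete hello message")
    return hs[6:38]  # skip msg_type(1) + length(3) + version(2)


def legacy_time(random32: bytes) -> datetime:
    """Interpret the first 4 bytes as gmt_unix_time (RFC 5246 layout)."""
    (secs,) = struct.unpack(">I", random32[:4])
    return datetime.fromtimestamp(secs, tz=timezone.utc)


def skew_seconds(random32: bytes, now: datetime) -> float:
    """Clock skew a peer would compute if it tried to validate the field."""
    return abs((legacy_time(random32) - now).total_seconds())


# Constructed values, fixed so the result is repeatable.
NOW = datetime(2015, 9, 16, 19, 13, 47, tzinfo=timezone.utc)
TIMED = struct.pack(">I", int(NOW.timestamp())) + bytes(range(28))  # time + 28 bytes
OPAQUE = bytes.fromhex("9f3c7a11") + bytes(range(28))               # all 32 opaque

if __name__ == "__main__":
    for name, rnd in (("timestamped", TIMED), ("opaque", OPAQUE)):
        got = hello_random(build_hello(rnd))
        print(f"{name:12} as time: {legacy_time(got):%Y-%m-%d %H:%M:%S}  "
              f"skew: {skew_seconds(got, NOW):,.0f}s")
```

A check that rejected handshakes on this skew would fail every peer that fills the whole field with random bytes, so the value is only useful as nonce material.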

