[Uta] wrt draft-ietf-uta-email-tls-certs

=JeffH <Jeff.Hodges@KingsMountain.com> Tue, 02 February 2016 00:54 UTC

To: draft-ietf-uta-email-tls-certs@ietf.org
From: =JeffH <Jeff.Hodges@KingsMountain.com>
Message-ID: <56AFFE3B.4010505@KingsMountain.com>
Date: Mon, 01 Feb 2016 16:54:19 -0800
Archived-At: <http://mailarchive.ietf.org/arch/msg/uta/EIi_xTdG81zYTOZCUaexr7z28FM>
Cc: uta@ietf.org, uta-chairs@ietf.org, IETF Discussion List <ietf@ietf.org>
Subject: [Uta] wrt draft-ietf-uta-email-tls-certs

Hi Alexey,

I was taking a look at draft-ietf-uta-email-tls-certs and noted that it
says this in Section 3..

    [...]
                                        Matching is performed according
    to the rules specified in Section 6 of [RFC6125], including the
    relative order of matching of different identifier types,
    "certificate pinning" and the procedure on failure to match.  The
    following inputs are used by the verification procedure used in
    [RFC6125]:

    [...]

    The rules and guidelines defined in [RFC6125] apply to an email
    server certificate, with the following supplemental rules:

    [...various supplemental rules to add to those defined in RFC6125.. ]


..thus I am curious as to why draft-ietf-uta-email-tls-certs does not
officially update RFC6125 -- should it not (in addition to updating four
other RFCs as it notes)?

thanks, HTH,

=JeffH