IETF Logo Mail Archive

[Uta] Certificate pinning?

Cyrus Daboo <cyrus@daboo.name> Fri, 07 March 2014 15:13 UTC

Return-Path: <cyrus@daboo.name>
X-Original-To: uta@ietfa.amsl.com
Delivered-To: uta@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 269261A027F for <uta@ietfa.amsl.com>; Fri, 7 Mar 2014 07:13:15 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.047
X-Spam-Level:
X-Spam-Status: No, score=-1.047 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, RP_MATCHES_RCVD=-0.547] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gDzRNjGMHPz1 for <uta@ietfa.amsl.com>; Fri, 7 Mar 2014 07:13:13 -0800 (PST)
Received: from daboo.name (daboo.name [173.13.55.49]) by ietfa.amsl.com (Postfix) with ESMTP id D9E331A01FC for <uta@ietf.org>; Fri, 7 Mar 2014 07:13:12 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by daboo.name (Postfix) with ESMTP id 0CD5C5EBFF22 for <uta@ietf.org>; Fri, 7 Mar 2014 10:13:10 -0500 (EST)
X-Virus-Scanned: amavisd-new at example.com
Received: from daboo.name ([127.0.0.1]) by localhost (daboo.name [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id s5xEfePTBL6n for <uta@ietf.org>; Fri, 7 Mar 2014 10:13:09 -0500 (EST)
Received: from caldav.corp.apple.com (unknown [17.45.162.46]) by daboo.name (Postfix) with ESMTPSA id 175715EBFF13 for <uta@ietf.org>; Fri, 7 Mar 2014 10:13:08 -0500 (EST)
Date: Fri, 07 Mar 2014 10:12:36 -0500
From: Cyrus Daboo <cyrus@daboo.name>
To: uta@ietf.org
Message-ID: <5472A050F724AB161474A2E7@caldav.corp.apple.com>
X-Mailer: Mulberry/4.1.0b1 (Mac OS X)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline; size="467"
Archived-At: http://mailarchive.ietf.org/arch/msg/uta/WGYwp4cyqj7zq2LgO8rOg7kPmVk
Subject: [Uta] Certificate pinning?
X-BeenThere: uta@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: UTA working group mailing list <uta.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/uta>, <mailto:uta-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/uta/>
List-Post: <mailto:uta@ietf.org>
List-Help: <mailto:uta-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/uta>, <mailto:uta-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Mar 2014 15:13:15 -0000

Hi,
Has any thought been given to generalizing the certificate pinning work 
being done by the websec WG 
(<http://tools.ietf.org/html/draft-ietf-websec-key-pinning-11>) to make it 
applicable to other protocols?

And, vice versa, what about taking the concept of security latches from 
draft-newman-email-deep-01 and making those available in HTTP?

I guess this begs the question of what, if any, relationship is there 
between UTA and WebSec WGs?

-- 
Cyrus Daboo

v2.23.0 | Report a Bug | By Email