Re: [webfinger] Automated Service Configuration now uses webfinger

Peter Saint-Andre <stpeter@stpeter.im> Mon, 08 July 2013 20:44 UTC


On 7/8/13 2:36 PM, John Bradley wrote:
> In Sec 4.2 WF currently allows redirecting requests from a https:
> uri to another https: uri.
> 
> The problem is mostly domains that don't have any sort of secure
> web hosting to redirect from.

Well, if you don't have secure web hosting in the first place, secure
delegation via HTTP is going to be a problem, eh? ;-)

I don't see that there's anything we can do about that, other than
warn of the potential dangers.

Peter

-- 
Peter Saint-Andre
https://stpeter.im/
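
The https-to-https redirect rule discussed in this message, written as a client-side check. This is an added example, not part of the original message or of the WebFinger draft text; the `fetch` hook, the function names and the example.org/example.net/example.com hosts are assumptions constructed for illustration.

```python
from urllib.parse import urljoin, urlsplit

class InsecureRedirect(Exception):
    """Raised when a WebFinger lookup would leave HTTPS, loop, or run too long."""

def resolve_webfinger(start_url, fetch, max_hops=5):
    """Follow redirects for a WebFinger query, accepting only https -> https.

    `fetch(url)` is a hypothetical transport hook that returns
    (status, headers, body) and does NOT follow redirects itself.
    Returns (final_url, body).
    """
    url, seen = start_url, set()
    for _ in range(max_hops + 1):
        parts = urlsplit(url)
        # Checked before every fetch, so a downgraded target is never contacted.
        if parts.scheme != "https" or not parts.hostname:
            raise InsecureRedirect(f"refusing non-https URL: {url}")
        if url in seen:
            raise InsecureRedirect(f"redirect loop at {url}")
        seen.add(url)
        status, headers, body = fetch(url)
        if status in (301, 302, 303, 307, 308):
            location = headers.get("Location")
            if not location:
                raise InsecureRedirect(f"redirect without Location from {url}")
            url = urljoin(url, location)  # relative targets inherit https
            continue
        return url, body
    raise InsecureRedirect(f"more than {max_hops} redirects")

# Constructed responses: example.org delegates to a hosted provider over
# https; example.net attempts to send the client to a plain-http endpoint.
Q = "/.well-known/webfinger?resource=acct:bob@example.org"
CONSTRUCTED = {
    "https://example.org" + Q: (307, {"Location": "https://wf.example.com" + Q}, ""),
    "https://wf.example.com" + Q: (200, {}, '{"subject":"acct:bob@example.org"}'),
    "https://example.net" + Q: (302, {"Location": "http://wf.example.com" + Q}, ""),
}

def constructed_fetch(url):
    return CONSTRUCTED[url]
```

A domain with no https hosting at all fails at the first check, which is the case the thread concludes can only be warned about.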