[websec] Fwd: New Version Notification for draft-evans-palmer-key-pinning-00.txt
Chris Palmer <palmer@google.com> Mon, 14 November 2011 21:44 UTC
Return-Path: <palmer@google.com>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F34A811E8102 for <websec@ietfa.amsl.com>; Mon, 14 Nov 2011 13:44:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.352
X-Spam-Level:
X-Spam-Status: No, score=-103.352 tagged_above=-999 required=5 tests=[AWL=-0.375, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2HSc+mqyM5Wa for <websec@ietfa.amsl.com>; Mon, 14 Nov 2011 13:44:27 -0800 (PST)
Received: from mail-ww0-f44.google.com (mail-ww0-f44.google.com [74.125.82.44]) by ietfa.amsl.com (Postfix) with ESMTP id BC63111E8100 for <websec@ietf.org>; Mon, 14 Nov 2011 13:44:26 -0800 (PST)
Received: by wwe5 with SMTP id 5so3644599wwe.13 for <websec@ietf.org>; Mon, 14 Nov 2011 13:44:24 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=beta; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding:x-system-of-record; bh=TnAgVP4MtfIZKGB3ylmou5VY4i6azL/qOCYeWj3Y4Tg=; b=qL1jsstvjXDk78O4Mdv8oGducFmeaji4NiuPGf842hWTaZff1ys73b6dxfWakjwSwY aRmUx1MdH1texg88OlmQ==
Received: by 10.216.54.134 with SMTP id i6mr1490280wec.19.1321307064551; Mon, 14 Nov 2011 13:44:24 -0800 (PST)
MIME-Version: 1.0
Received: by 10.216.54.134 with SMTP id i6mr1490274wec.19.1321307064466; Mon, 14 Nov 2011 13:44:24 -0800 (PST)
Received: by 10.216.216.205 with HTTP; Mon, 14 Nov 2011 13:44:24 -0800 (PST)
In-Reply-To: <20111114213908.10768.82188.idtracker@ietfa.amsl.com>
References: <20111114213908.10768.82188.idtracker@ietfa.amsl.com>
Date: Mon, 14 Nov 2011 13:44:24 -0800
Message-ID: <CAOuvq23qHrc3WAhX2Fiq41B3iQqdVNgK-X7V3AG_G9ZdH5jAYg@mail.gmail.com>
From: Chris Palmer <palmer@google.com>
To: IETF WebSec WG <websec@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-System-Of-Record: true
Subject: [websec] Fwd: New Version Notification for draft-evans-palmer-key-pinning-00.txt
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Nov 2011 21:44:28 -0000
FYI. ---------- Forwarded message ---------- From: <internet-drafts@ietf.org> Date: Mon, Nov 14, 2011 at 1:39 PM Subject: New Version Notification for draft-evans-palmer-key-pinning-00.txt To: palmer@google.com Cc: cevans@google.com, palmer@google.com A new version of I-D, draft-evans-palmer-key-pinning-00.txt has been successfully submitted by Chris Palmer and posted to the IETF repository. Filename: draft-evans-palmer-key-pinning Revision: 00 Title: Public Key Pinning Extension for HTTP Creation date: 2011-11-14 WG ID: Individual Submission Number of pages: 7 Abstract: This memo describes an extension to the HTTP protocol allowing web host operators to instruct user agents (UAs) to remember ("pin") the hosts' cryptographic identities for a given period of time. During that time, UAs will require that the host present a certificate chain including at least one Subject Public Key Info structure whose fingerprint matches one or more of the pinned fingerprints for that host. By effectively reducing the scope of authorities who can authenticate the domain during the lifetime of the pin, pinning may reduce the incidence of man-in-the-middle attacks due to compromised Certification Authorities and other authentication errors and attacks. The IETF Secretariat
- [websec] Fwd: New Version Notification for draft-… Chris Palmer