Re: [websec] Certificate Pinning via HSTS (.txt version)
Chris Palmer <palmer@google.com> Tue, 13 September 2011 17:55 UTC
Return-Path: <palmer@google.com>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B300821F8CCA for <websec@ietfa.amsl.com>; Tue, 13 Sep 2011 10:55:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -105.977
X-Spam-Level:
X-Spam-Status: No, score=-105.977 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id L6Zbhu6-EC+a for <websec@ietfa.amsl.com>; Tue, 13 Sep 2011 10:55:19 -0700 (PDT)
Received: from smtp-out.google.com (smtp-out.google.com [216.239.44.51]) by ietfa.amsl.com (Postfix) with ESMTP id 63F9621F8CD9 for <websec@ietf.org>; Tue, 13 Sep 2011 10:55:18 -0700 (PDT)
Received: from wpaz24.hot.corp.google.com (wpaz24.hot.corp.google.com [172.24.198.88]) by smtp-out.google.com with ESMTP id p8DHvO5F019654 for <websec@ietf.org>; Tue, 13 Sep 2011 10:57:24 -0700
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=google.com; s=beta; t=1315936644; bh=zhHeA6QO2mZ3lKouQEYzYeMYSrs=; h=MIME-Version:In-Reply-To:References:Date:Message-ID:Subject:From: To:Cc:Content-Type; b=Z/btlvOEqcfJPLR0U/a8q+QscBLco822p27TwgC1B5+gDeCi7vVGkjsjdAJS8yHWt xSeCpzJmlz6lsaH0dp/ow==
DomainKey-Signature: a=rsa-sha1; s=beta; d=google.com; c=nofws; q=dns; h=dkim-signature:mime-version:in-reply-to:references:date: message-id:subject:from:to:cc:content-type:x-system-of-record; b=mV7FxbvKjtnFlj2BZc/I4TUd/wwtdpFfIcy/XFuG1eYKoQsiZUVEP4XSLSAwTjqyl i8Q2Fla8/3yC6mgxVh6ew==
Received: from wyg30 (wyg30.prod.google.com [10.241.226.158]) by wpaz24.hot.corp.google.com with ESMTP id p8DHvMu9002363 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for <websec@ietf.org>; Tue, 13 Sep 2011 10:57:23 -0700
Received: by wyg30 with SMTP id 30so1041907wyg.35 for <websec@ietf.org>; Tue, 13 Sep 2011 10:57:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=beta; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=w4XmJWmqyrbzRLMeGUV8pIIR/uTVgP8c1nruEDQxo9o=; b=Z1558viE+dH0qxc6TN+T/Ug1VqY8xeVVdBNmCUzJt9REYAGmpxvvulUAj67+UcpICu JZX1+XIRCI3Mv2kK6vEg==
Received: by 10.216.209.223 with SMTP id s73mr835822weo.34.1315936642546; Tue, 13 Sep 2011 10:57:22 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.216.209.223 with SMTP id s73mr835815weo.34.1315936642356; Tue, 13 Sep 2011 10:57:22 -0700 (PDT)
Received: by 10.216.61.16 with HTTP; Tue, 13 Sep 2011 10:57:22 -0700 (PDT)
In-Reply-To: <4E6E9B77.1020802@KingsMountain.com>
References: <4E6E9B77.1020802@KingsMountain.com>
Date: Tue, 13 Sep 2011 10:57:22 -0700
Message-ID: <CAOuvq21fqxSqMh2C1umgL2KyJ4tywaXTd0rkrtSThQPZVy5_Qg@mail.gmail.com>
From: Chris Palmer <palmer@google.com>
To: =JeffH <Jeff.Hodges@kingsmountain.com>, IETF WebSec WG <websec@ietf.org>
Content-Type: text/plain; charset="UTF-8"
X-System-Of-Record: true
Cc: Chris Evans <cevans@google.com>
Subject: Re: [websec] Certificate Pinning via HSTS (.txt version)
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Sep 2011 17:55:19 -0000
On Mon, Sep 12, 2011 at 4:53 PM, =JeffH <Jeff.Hodges@kingsmountain.com> wrote: > I've taken the liberty of re-formatting the document in plain text > (attached), which will better facilitate discussion hereabouts. A next step > will be to re-format it as an Internet-Draft and get it submitted (I > volunteer to help you out with that). Thanks for textifying it! I'll XMLify it today and then send it to the list, and you can all make fun of my newbie attempts to use the I-D document type. :) I'm sure I'll need your help to make it real.
- Re: [websec] Certificate Pinning via HSTS (.txt v… =JeffH
- Re: [websec] Certificate Pinning via HSTS (.txt v… Chris Palmer
- Re: [websec] Certificate Pinning via HSTS (.txt v… Peter Saint-Andre
- Re: [websec] Certificate Pinning via HSTS (.txt v… =JeffH
- Re: [websec] Certificate Pinning via HSTS (.txt v… Yoav Nir
- Re: [websec] Certificate Pinning via HSTS (.txt v… Daniel Kahn Gillmor
- Re: [websec] Certificate Pinning via HSTS (.txt v… Marsh Ray
- Re: [websec] Certificate Pinning via HSTS (.txt v… Chris Palmer
- Re: [websec] Certificate Pinning via HSTS (.txt v… Chris Palmer
- Re: [websec] Certificate Pinning via HSTS (.txt v… Gervase Markham
- Re: [websec] Certificate Pinning via HSTS (.txt v… Steingruebl, Andy
- Re: [websec] Certificate Pinning via HSTS (.txt v… Marsh Ray
- Re: [websec] Certificate Pinning via HSTS (.txt v… Chris Palmer
- Re: [websec] Certificate Pinning via HSTS (.txt v… Phillip Hallam-Baker
- Re: [websec] Certificate Pinning via HSTS (.txt v… davidillsley
- Re: [websec] Certificate Pinning via HSTS (.txt v… Marsh Ray
- Re: [websec] Certificate Pinning via HSTS (.txt v… Phillip Hallam-Baker
- Re: [websec] Certificate Pinning via HSTS (.txt v… davidillsley
- Re: [websec] Certificate Pinning via HSTS (.txt v… SM
- Re: [websec] Certificate Pinning via HSTS (.txt v… Chris Palmer
- Re: [websec] Certificate Pinning via HSTS (.txt v… Yoav Nir
- Re: [websec] Certificate Pinning via HSTS (.txt v… Phillip Hallam-Baker