Re: [websec] Issue that came up about HSTS
"Steingruebl, Andy" <asteingruebl@paypal-inc.com> Mon, 29 October 2012 02:53 UTC
Return-Path: <asteingruebl@paypal-inc.com>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3160F21F8539 for <websec@ietfa.amsl.com>; Sun, 28 Oct 2012 19:53:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Di0CKSIeRJ5w for <websec@ietfa.amsl.com>; Sun, 28 Oct 2012 19:53:36 -0700 (PDT)
Received: from den-mipot-002.corp.ebay.com (den-mipot-002.corp.ebay.com [216.113.175.153]) by ietfa.amsl.com (Postfix) with ESMTP id 9000321F8538 for <websec@ietf.org>; Sun, 28 Oct 2012 19:53:24 -0700 (PDT)
DomainKey-Signature: s=paypalcorp; d=paypal-inc.com; c=nofws; q=dns; h=X-EBay-Corp:X-IronPort-AV:Received:Received:From:To:CC: Subject:Thread-Topic:Thread-Index:Date:Message-ID: References:In-Reply-To:Accept-Language:Content-Language: X-MS-Has-Attach:X-MS-TNEF-Correlator:x-originating-ip: Content-Type:Content-Transfer-Encoding:MIME-Version: X-CFilter; b=U3P7WGtUik/RcjyrCtmB3QAjLrcM/nlsosGqdfAzCpT8yTRVW7lxiJju TxF8Dr0s9R3a/7/hQkFR4L++hf8zEvHXPFD0XX5Dig2Ft9IU2ubIttWfQ 3zJaZxPQ/zDGsghBtwc81S33+5X83wBkmYejWQuV+rGpHnK9gENSjIV4a s=;
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=paypal-inc.com; i=asteingruebl@paypal-inc.com; q=dns/txt; s=paypalcorp; t=1351479217; x=1383015217; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=PT1s13G+1+XOb/nV5JRq0sCT1Cc4uNv6aU8KZetehHA=; b=uR2cqoCd0x8gyCB92oInTBTequYtN5c2RA/tl+RnZrltr6U0wiYNExcK +TbkKllidLPs3Zw9OKXQ2TZK2Zrh4IB/YnE5DgD/ASwQGiHn2bj3g5k93 QMUv1mvi7t1oz+A/xvd2V05SHEGRRmOoR0wsKxCpowNTVDXlF7KHxzLOe A=;
X-EBay-Corp: Yes
X-IronPort-AV: E=Sophos;i="4.80,668,1344236400"; d="scan'208";a="11027578"
Received: from den-vtenf-002.corp.ebay.com (HELO DEN-EXMHT-002.corp.ebay.com) ([10.101.112.213]) by den-mipot-002.corp.ebay.com with ESMTP; 28 Oct 2012 19:53:24 -0700
Received: from DEN-EXDDA-S12.corp.ebay.com ([fe80::40c1:9cf7:d21e:46c]) by DEN-EXMHT-002.corp.ebay.com ([fe80::cbe:ffa5:17f0:a24a%14]) with mapi id 14.02.0318.001; Sun, 28 Oct 2012 20:53:23 -0600
From: "Steingruebl, Andy" <asteingruebl@paypal-inc.com>
To: Paul Hoffman <paul.hoffman@vpnc.org>, Yoav Nir <ynir@checkpoint.com>
Thread-Topic: [websec] Issue that came up about HSTS
Thread-Index: Ac20DkaD8zHkXAo/SM6CcAwX5NsjzwAf3tgAADyjKrA=
Date: Mon, 29 Oct 2012 02:53:23 +0000
Message-ID: <1DFCCAFE421024488073B74EEA0173E13884DF@DEN-EXDDA-S12.corp.ebay.com>
References: <70C766B8-FBF5-4421-B6CE-BCE616FC023B@checkpoint.com> <867E7110-38EB-4739-8FCF-0A5324EA0C26@vpnc.org>
In-Reply-To: <867E7110-38EB-4739-8FCF-0A5324EA0C26@vpnc.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.245.27.242]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-CFilter: Scanned
Cc: IETF WebSec WG <websec@ietf.org>
Subject: Re: [websec] Issue that came up about HSTS
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 29 Oct 2012 02:53:37 -0000
> -----Original Message----- > From: websec-bounces@ietf.org [mailto:websec-bounces@ietf.org] On > Behalf Of Paul Hoffman > > On Oct 26, 2012, at 11:42 PM, Yoav Nir <ynir@checkpoint.com> wrote: > > > draft-ietf-websec-strict-transport-sec is now being edited by the RFC > editor. An issue has come up. We need to resolve this quickly, so please read > the following and reply to the list with your opinions. > > This looks like a useful, harmless addition. If you need a second, consider this it :) - Andy
- [websec] Issue that came up about HSTS Yoav Nir
- Re: [websec] Issue that came up about HSTS Paul Hoffman
- Re: [websec] Issue that came up about HSTS Steingruebl, Andy
- Re: [websec] Issue that came up about HSTS Yoav Nir