Re: [websec] draft-ietf-websec-strict-transport-sec - closing of WGLC

=JeffH <Jeff.Hodges@KingsMountain.com> Tue, 03 July 2012 23:07 UTC

To: Tobias Gondrom <tobias.gondrom@gondrom.org>
Cc: IETF WebSec WG <websec@ietf.org>

 > There remain two things left to do:
 >
<snip/>
 >
 > 2. a check of idnits revealed that there are a few reference problems
 > (including 3 Downref and 1 Obsolete normative reference).

(here's the actual idnits output..)

 >   ** Downref: Normative reference to an Informational RFC: RFC 2818

this ref was discussed on-list and deemed appropriate in that it's normative 
for the definition of HTTPS.


 >
 >   ** Obsolete normative reference: RFC 3490 (Obsoleted by RFC 5890, RFC 5891)

RFC 3490 & RFC 3492 are normatively ref'd out of necessity as discussed on the 
list. These two refs are annotated thusly..

               This specification is referenced due to its ongoing
               relevance to actual deployments for the foreseeable
               future.

 >
 >   ** Downref: Normative reference to an Informational RFC: RFC 5894
 >
 >   ** Downref: Normative reference to an Informational RFC: RFC 5895

I believe we decided in the extensive list discussion of the IDNA stuff and 
these references that we would keep these as normative refs because they really 
are necessary to getting IDNA stuff right.


 >
 >   -- Possible downref: Non-RFC (?) normative reference: ref. 'UTS46'

this is a legit & proper reference. The only alteration I'd do is remove the 
date on the reference since this spec is intermittently updated.

(done in my -11 working copy)

 >
 >   -- Possible downref: Non-RFC (?) normative reference: ref. 'Unicode'

this is a legit & proper reference.




 > This will come
 > up with the RFC-Editor by the latest, so please revisit the references
 > and check the idnits tool on the draft ASAP.
 > Plus two warnings:
 >
 >   == Missing Reference: 'I-D.draft-ietf-httpbis-p1-messaging-17' is mentioned
 >       on line 1839, but not defined

This is from the last paragraph in the acks appendix. I've altered it a bit to 
see if idnits won't barf on it.

(done in my -11 working copy)


 >
 >    == Outdated reference: A later version (-23) exists of
 >       draft-ietf-dane-protocol-19

Ok, I updated the ref to -dane-protocol-23 ... but the RFC Editor will 
ultimately fix this up because the latter is in the rfc-editor-queue and not 
yet published.

(done in my -11 working copy)


I've only made changes in my -11 working copy that I note above (and added 
another person to acks)

Do you suggest any other changes or should I publish -11 ?


thanks,

=JeffH