Re: [websec] handling STS header field extendability
Yoav Nir <ynir@checkpoint.com> Mon, 27 August 2012 20:28 UTC
Return-Path: <ynir@checkpoint.com>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CC14121F8495 for <websec@ietfa.amsl.com>; Mon, 27 Aug 2012 13:28:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.439
X-Spam-Level:
X-Spam-Status: No, score=-10.439 tagged_above=-999 required=5 tests=[AWL=0.160, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q2zA93ZZ7U5n for <websec@ietfa.amsl.com>; Mon, 27 Aug 2012 13:28:07 -0700 (PDT)
Received: from smtp.checkpoint.com (smtp.checkpoint.com [194.29.34.68]) by ietfa.amsl.com (Postfix) with ESMTP id C513221F846B for <websec@ietf.org>; Mon, 27 Aug 2012 13:28:06 -0700 (PDT)
Received: from il-ex01.ad.checkpoint.com (il-ex01.ad.checkpoint.com [194.29.34.26]) by smtp.checkpoint.com (8.13.8/8.13.8) with ESMTP id q7RKS38F005955; Mon, 27 Aug 2012 23:28:03 +0300
X-CheckPoint: {503BD477-1-1B221DC2-4FFFF}
Received: from il-ex01.ad.checkpoint.com ([126.0.0.2]) by il-ex01.ad.checkpoint.com ([126.0.0.2]) with mapi; Mon, 27 Aug 2012 23:28:03 +0300
From: Yoav Nir <ynir@checkpoint.com>
To: Tobias Gondrom <tobias.gondrom@gondrom.org>
Date: Mon, 27 Aug 2012 23:28:06 +0300
Thread-Topic: [websec] handling STS header field extendability
Thread-Index: Ac2EknU8achNLVl6Twew+vwBv2SpNg==
Message-ID: <C4EDA5AF-D958-4FE3-AFF9-35C76E56F1C1@checkpoint.com>
References: <503279FA.5070304@KingsMountain.com> <503BD234.5030509@KingsMountain.com> <503BD617.3000607@gondrom.org>
In-Reply-To: <503BD617.3000607@gondrom.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
x-kse-antivirus-interceptor-info: scan successful
x-kse-antivirus-info: Clean
x-cpdlp: 1193c9b9ae2d3a45035bd4c620f020c777c1b75217
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "websec@ietf.org" <websec@ietf.org>
Subject: Re: [websec] handling STS header field extendability
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Aug 2012 20:28:07 -0000
With no hats: let's not choose a policy for a registry that we are not setting up, especially since we're not even sure that it's ever going to be set up. We can leave it to the first extension document to set up the registry and policy. If that document ever comes. Yoav On Aug 27, 2012, at 11:18 PM, Tobias Gondrom wrote: > Hello dear websec fellows, > > <hat="WG chair"> > we have so far only very few comments regarding this. If you feel > strongly either way, please say so ASAP, within the next 5 days (until > Sep-1), otherwise we will have to go with the few comments we received > to judge consensus based on them. > > Thank you, Tobias > > > On 27/08/12 21:01, =JeffH wrote: >> On 08/20/2012 10:55 AM, =JeffH wrote:> Thanks for the clarification >> Barry. Yes, this question is in response to Ben >>> Campbell's review comment (which I was going to note, but you took >> care of it :) >>> >>>> "We need to decide on an IANA policy *or* explicitly decide that we >>>> don't want to choose that now, and leave it to whoever creates the >>>> registry later." >>> >>> yes, that's a more accurate statement of the decision. >>> >>> Either way is fine by me. >> >> Do we have a decision on this as yet? >> >> thanks, >> >> =JeffH
- Re: [websec] handling STS header field extendabil… =JeffH
- Re: [websec] handling STS header field extendabil… Alexey Melnikov
- [websec] handling STS header field extendability =JeffH
- Re: [websec] handling STS header field extendabil… Chris Palmer
- Re: [websec] handling STS header field extendabil… Tom Ritter
- Re: [websec] handling STS header field extendabil… Hill, Brad
- Re: [websec] handling STS header field extendabil… Collin Jackson
- Re: [websec] handling STS header field extendabil… Paul Hoffman
- Re: [websec] handling STS header field extendabil… Collin Jackson
- Re: [websec] handling STS header field extendabil… Paul Hoffman
- Re: [websec] handling STS header field extendabil… Hill, Brad
- Re: [websec] handling STS header field extendabil… Chris Palmer
- Re: [websec] handling STS header field extendabil… Paul Hoffman
- Re: [websec] handling STS header field extendabil… Hill, Brad
- Re: [websec] handling STS header field extendabil… Hill, Brad
- Re: [websec] handling STS header field extendabil… Paul Hoffman
- Re: [websec] handling STS header field extendabil… Tobias Gondrom
- Re: [websec] handling STS header field extendabil… Collin Jackson
- Re: [websec] handling STS header field extendabil… Barry Leiba
- Re: [websec] handling STS header field extendabil… Yoav Nir
- Re: [websec] handling STS header field extendabil… Tobias Gondrom
- Re: [websec] handling STS header field extendabil… =JeffH
- Re: [websec] handling STS header field extendabil… Yoav Nir
- Re: [websec] handling STS header field extendabil… Tobias Gondrom
- Re: [websec] handling STS header field extendabil… Barry Leiba
- Re: [websec] handling STS header field extendabil… =JeffH
- Re: [websec] handling STS header field extendabil… Tobias Gondrom
- Re: [websec] handling STS header field extendabil… Yoav Nir
- Re: [websec] handling STS header field extendabil… Paul Hoffman
- Re: [websec] handling STS header field extendabil… =JeffH