IETF Logo Mail Archive

Re: [websec] draft-ietf-websec-strict-transport-sec - closing of WGLC

Alexey Melnikov <alexey.melnikov@isode.com> Wed, 04 July 2012 10:25 UTC

Return-Path: <alexey.melnikov@isode.com>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3E48521F87AA for <websec@ietfa.amsl.com>; Wed, 4 Jul 2012 03:25:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.181
X-Spam-Level:
X-Spam-Status: No, score=-102.181 tagged_above=-999 required=5 tests=[AWL=-0.978, BAYES_00=-2.599, MIME_QP_LONG_LINE=1.396, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id S9qVGJ52zx-U for <websec@ietfa.amsl.com>; Wed, 4 Jul 2012 03:25:55 -0700 (PDT)
Received: from waldorf.isode.com (cl-125.lon-03.gb.sixxs.net [IPv6:2a00:14f0:e000:7c::2]) by ietfa.amsl.com (Postfix) with ESMTP id 9B87A21F8717 for <websec@ietf.org>; Wed, 4 Jul 2012 03:25:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1341397563; d=isode.com; s=selector; i=@isode.com; bh=ApCjM218j4dP5qTlSxL6wutCfzuIpR/OqEFpGqXA04U=; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version: In-Reply-To:References:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description; b=nd46T7ETW+B0T5v6/j+gVmEprAGmlLYPZgPwBXOzXU3yn9M+XXW+kVfXMsywXfeTcvOgpF K7g3+fdKItqnTX9wqe3UFG7DMmAlskgkFBHHtufvCJR2UfycSm9MZGCwcVPqbjsvPj5ry9 giaxia4XXZCqnCsL+L/i4tRro/ZVjOU=;
Received: from [188.28.228.72] (188.28.228.72.threembb.co.uk [188.28.228.72]) by waldorf.isode.com (submission channel) via TCP with ESMTPSA id <T=QaOgAkRKPc@waldorf.isode.com>; Wed, 4 Jul 2012 11:26:03 +0100
References: <4FF37B4D.2040502@KingsMountain.com>
In-Reply-To: <4FF37B4D.2040502@KingsMountain.com>
Message-Id: <CC03A3CE-183E-4ABA-88F9-0DF60DFE1B39@isode.com>
X-Mailer: iPad Mail (9B206)
From: Alexey Melnikov <alexey.melnikov@isode.com>
Date: Wed, 04 Jul 2012 11:26:00 +0100
To: =JeffH <Jeff.Hodges@KingsMountain.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Cc: IETF WebSec WG <websec@ietf.org>
Subject: Re: [websec] draft-ietf-websec-strict-transport-sec - closing of WGLC
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Jul 2012 10:25:56 -0000

Hi,

On 4 Jul 2012, at 00:07, =JeffH <Jeff.Hodges@KingsMountain.com> wrote:

> > There remain two things left to do:
> >
> <snip/>
> >
> > 2. a check of idnits revealed that there are a few reference problems
> > (including 3 Downref and 1 Obsolete normative reference).
> 
> (here's the actual idnits output..)
> 
> >   ** Downref: Normative reference to an Informational RFC: RFC 2818
> 
> this ref was discussed on-list and deemed appropriate in that it's normative for the definition of HTTPS.
> 

This one is fine, it is in the Downref registry, which means you don't even need to call it out explicitly in the write-up (but it doesn't hurt to do anyway)
> 
> >
> >   ** Obsolete normative reference: RFC 3490 (Obsoleted by RFC 5890, RFC 5891)
> 
> RFC 3490 & RFC 3492 are normatively ref'd out of necessity as discussed on the list. These two refs are annotated thusly..
> 
>              This specification is referenced due to its ongoing
>              relevance to actual deployments for the foreseeable
>              future.
> 
> >
> >   ** Downref: Normative reference to an Informational RFC: RFC 5894
> >
> >   ** Downref: Normative reference to an Informational RFC: RFC 5895
> 
> I believe we decided in the extensive list discussion of the IDNA stuff and these references that we would keep these as normative refs because they really are necessary to getting IDNA stuff right.
> 
> 

These are fine, just call them out explicitly in the write-up
> >
> >   -- Possible downref: Non-RFC (?) normative reference: ref. 'UTS46'
> 
> this is a legit & proper reference. The only alteration I'd do is remove the date on the reference since this spec is intermittently updated.
> 
> (done in my -11 working copy)
> 
> >
> >   -- Possible downref: Non-RFC (?) normative reference: ref. 'Unicode'
> 
> this is a legit & proper reference.
> 
> 
These seem fine.
> 
> 
> > This will come
> > up with the RFC-Editor by the latest, so please revisit the references
> > and check the idnits tool on the draft ASAP.
> > Plus two warnings:
> >
> >   == Missing Reference: 'I-D.draft-ietf-httpbis-p1-messaging-17' is mentioned
> >       on line 1839, but not defined
> 
> This is from the last paragraph in the acks appendix. I've altered it a bit to see if idnits won't barf on it.
> 
> (done in my -11 working copy)
> 
> 
> >
> >    == Outdated reference: A later version (-23) exists of
> >       draft-ietf-dane-protocol-19
> 
> Ok, I updated the ref to -dane-protocol-23 ... but the RFC Editor will ultimately fix this up because the latter is in the rfc-editor-queue and not yet published.
> 

Right.

> (done in my -11 working copy)
> 
> 
> I've only made changes in my -11 working copy that I note above (and added another person to acks)
> 
> Do you suggest any other changes or should I publish -11 ?

I suggest you wait for the AD review (or other issues that might come up on the mailing list).

v2.23.0 | Report a Bug | By Email