Re: [websec] [saag] Pinning

Yoav Nir <ynir@checkpoint.com> Sat, 11 August 2012 21:30 UTC

From: Yoav Nir <ynir@checkpoint.com>
To: Tom Ritter <tom@ritter.vg>
Date: Sun, 12 Aug 2012 00:30:22 +0300
Cc: Chris Evans <cevans@google.com>, IETF WebSec WG <websec@ietf.org>, Moxie Marlinspike <moxie@thoughtcrime.org>

Hi Tom

On Aug 11, 2012, at 11:57 PM, Tom Ritter wrote:

> I don't know IETF procedure for making changes, but one of the
> outstanding issues I don't think has been resolved with
> draft-ietf-websec-key-pinning-02 is inherited DSA parameters.  I
> raised this issue here:
> http://www.ietf.org/mail-archive/web/websec/current/msg01027.html with
> suggested verbiage.

That message of yours flew under the radar. I don't know why.

The IETF procedure for making changes is to raise the suggestion on the mailing list, and discuss it there until consensus is reached.

To help with that, we may use an issue tracker (similar to a bug tracker like bugzilla). I've opened three tickets for the issues in your email:
http://trac.tools.ietf.org/wg/websec/trac/ticket/50
http://trac.tools.ietf.org/wg/websec/trac/ticket/51
http://trac.tools.ietf.org/wg/websec/trac/ticket/52

We can start a thread on each of them.

Easy way is the editors start the thread with "looking at issue #50, we agree and it seems OK to us. Anyone object?", and then if nobody objects, the text is updated, a new draft is published, and if you think it's OK, we close the ticket.  If there are objections (by the editors or others), they get discussed.

Yoav