[websec] I-D Action: draft-ietf-websec-key-pinning-17.txt
internet-drafts@ietf.org Wed, 25 June 2014 23:45 UTC
Return-Path: <internet-drafts@ietf.org>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5D1DA1B28F5; Wed, 25 Jun 2014 16:45:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5wWLocEKfgUX; Wed, 25 Jun 2014 16:45:28 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 74A911B28FF; Wed, 25 Jun 2014 16:45:26 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 5.5.0.p3
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20140625234526.14596.68415.idtracker@ietfa.amsl.com>
Date: Wed, 25 Jun 2014 16:45:26 -0700
Archived-At: http://mailarchive.ietf.org/arch/msg/websec/aq1jon8gFVhcyiyW9VCi_hTKHIs
Cc: websec@ietf.org
Subject: [websec] I-D Action: draft-ietf-websec-key-pinning-17.txt
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.15
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec/>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 Jun 2014 23:45:29 -0000
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Web Security Working Group of the IETF.
Title : Public Key Pinning Extension for HTTP
Authors : Chris Evans
Chris Palmer
Ryan Sleevi
Filename : draft-ietf-websec-key-pinning-17.txt
Pages : 26
Date : 2014-06-25
Abstract:
This memo describes an extension to the HTTP protocol allowing web
host operators to instruct user agents to remember ("pin") the hosts'
cryptographic identities for a given period of time. During that
time, UAs will require that the host present a certificate chain
including at least one Subject Public Key Info structure whose
fingerprint matches one of the pinned fingerprints for that host. By
effectively reducing the number of authorities who can authenticate
the domain during the lifetime of the pin, pinning may reduce the
incidence of man-in-the-middle attacks due to compromised
Certification Authorities.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-websec-key-pinning/
There's also a htmlized version available at:
http://tools.ietf.org/html/draft-ietf-websec-key-pinning-17
A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=draft-ietf-websec-key-pinning-17
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
- [websec] I-D Action: draft-ietf-websec-key-pinnin… internet-drafts