[websec] I-D Action: draft-ietf-websec-key-pinning-20.txt
internet-drafts@ietf.org Thu, 07 August 2014 18:11 UTC
Return-Path: <internet-drafts@ietf.org>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D136A1A0322; Thu, 7 Aug 2014 11:11:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id z4YmIJ4Tq82W; Thu, 7 Aug 2014 11:11:44 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 9156A1A035B; Thu, 7 Aug 2014 11:11:40 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 5.6.2.p5
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20140807181140.4935.81427.idtracker@ietfa.amsl.com>
Date: Thu, 07 Aug 2014 11:11:40 -0700
Archived-At: http://mailarchive.ietf.org/arch/msg/websec/dJ7KJ8E4AUBvtCQfc7-trjh0WkQ
Cc: websec@ietf.org
Subject: [websec] I-D Action: draft-ietf-websec-key-pinning-20.txt
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.15
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec/>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Aug 2014 18:11:46 -0000
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Web Security Working Group of the IETF.
Title : Public Key Pinning Extension for HTTP
Authors : Chris Evans
Chris Palmer
Ryan Sleevi
Filename : draft-ietf-websec-key-pinning-20.txt
Pages : 26
Date : 2014-08-07
Abstract:
This document describes an extension to the HTTP protocol allowing
web host operators to instruct user agents to remember ("pin") the
hosts' cryptographic identities for a given period of time. During
that time, UAs will require that the host present a certificate chain
including at least one Subject Public Key Info structure whose
fingerprint matches one of the pinned fingerprints for that host. By
effectively reducing the number of authorities who can authenticate
the domain during the lifetime of the pin, pinning may reduce the
incidence of man-in-the-middle attacks due to compromised
Certification Authorities.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-websec-key-pinning/
There's also a htmlized version available at:
http://tools.ietf.org/html/draft-ietf-websec-key-pinning-20
A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=draft-ietf-websec-key-pinning-20
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
- [websec] I-D Action: draft-ietf-websec-key-pinnin… internet-drafts
- Re: [websec] I-D Action: draft-ietf-websec-key-pi… Mehner, Carl
- Re: [websec] I-D Action: draft-ietf-websec-key-pi… Yoav Nir