[websec] closing of WEBSEC WG (was: Re: RFC 7469 on Public Key Pinning Extension for HTTP)
Tobias Gondrom <tobias.gondrom@gondrom.org> Fri, 17 April 2015 22:29 UTC
Return-Path: <tobias.gondrom@gondrom.org>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D47951B30AC for <websec@ietfa.amsl.com>; Fri, 17 Apr 2015 15:29:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -96.665
X-Spam-Level:
X-Spam-Status: No, score=-96.665 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FH_HELO_EQ_D_D_D_D=1.597, HELO_DYNAMIC_IPADDR=1.951, HELO_EQ_DE=0.35, HELO_MISMATCH_DE=1.448, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_WHITELIST=-100] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MXCahCz_DRks for <websec@ietfa.amsl.com>; Fri, 17 Apr 2015 15:29:25 -0700 (PDT)
Received: from lvps5-35-241-16.dedicated.hosteurope.de (www.gondrom.org [5.35.241.16]) (using TLSv1.1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9B7781B30A8 for <websec@ietf.org>; Fri, 17 Apr 2015 15:29:25 -0700 (PDT)
Received: from [163.119.49.41] (unknown [163.119.49.41]) by lvps5-35-241-16.dedicated.hosteurope.de (Postfix) with ESMTPSA id 386236364C; Sat, 18 Apr 2015 00:29:23 +0200 (CEST)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=gondrom.org; b=ozdMsFykSf/iktYoqxu7ZkgMpFugwd9LMoqc25qZOii+xbaDAsQFPMRrLAAj852QLmV2zVEIbRNOKHnYOhIMDjmTV+C1dZ83Ytb9fEW6vgzPeYa41YW6PNC1lNtNK25ZnRm9VU2wimDqpFZJol5riDl8ZEfS/Q2H96vwpYne9o4=; h=Message-ID:Date:From:User-Agent:MIME-Version:To:CC:Subject:References:In-Reply-To:Content-Type:Content-Transfer-Encoding;
Message-ID: <55318942.4040901@gondrom.org>
Date: Fri, 17 Apr 2015 23:29:22 +0100
From: Tobias Gondrom <tobias.gondrom@gondrom.org>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.5.0
MIME-Version: 1.0
To: websec@ietf.org
References: <20150417203831.0E15E180452@rfc-editor.org> <CAC4RtVDJn-K_Cp8vLzunmRDRCcSm7YTb=gJSHKdKRczkBsRu=Q@mail.gmail.com>
In-Reply-To: <CAC4RtVDJn-K_Cp8vLzunmRDRCcSm7YTb=gJSHKdKRczkBsRu=Q@mail.gmail.com>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/websec/hJ-ePsrV8dDSOgl3qcH8s6q09G0>
Cc: barryleiba@computer.org
Subject: [websec] closing of WEBSEC WG (was: Re: RFC 7469 on Public Key Pinning Extension for HTTP)
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec/>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Apr 2015 22:29:28 -0000
Hurray! :-) :-) :-) And a big "thank you" from me as well to all the many participants, authors, contributors and my fellow co-chairs. I very much appreciate the hard work from all of you and the good and very productive discussions we had in the WG and I think we can be proud that our work items are already finding their way into main stream adoption and can help to make the Internet a little bit safer. With the last document released, we can now close our WEBSEC WG. Many thanks and many greetings, Tobias (websec co-chair) On 17/04/15 22:37, Barry Leiba wrote: > The final websec document has been published today by the RFC Editor. > With that, the websec working group has completed its work. Thanks > very much to all the participants who spent their time and effort > working on this, and especially to Tobias, Yoav, and Alexey, the > current and past chairs. > > I will be asking the Secretariat to close the working group. The > mailing list will remain open for related discussion. > > Barry, Applications AD > > > On Fri, Apr 17, 2015 at 4:38 PM, <rfc-editor@rfc-editor.org> wrote: >> A new Request for Comments is now available in online RFC libraries. >> >> >> RFC 7469 >> >> Title: Public Key Pinning Extension for HTTP >> Author: C. Evans, C. Palmer, R. Sleevi >> Status: Standards Track >> Stream: IETF >> Date: April 2015 >> Mailbox: cevans@google.com, >> palmer@google.com, >> sleevi@google.com >> Pages: 28 >> Characters: 61619 >> Updates/Obsoletes/SeeAlso: None >> >> I-D Tag: draft-ietf-websec-key-pinning-21.txt >> >> URL: https://www.rfc-editor.org/info/rfc7469 >> >> This document defines a new HTTP header that allows web host >> operators to instruct user agents to remember ("pin") the hosts' >> cryptographic identities over a period of time. During that time, >> user agents (UAs) will require that the host presents a certificate >> chain including at least one Subject Public Key Info structure whose >> fingerprint matches one of the pinned fingerprints for that host. By >> effectively reducing the number of trusted authorities who can >> authenticate the domain during the lifetime of the pin, pinning may >> reduce the incidence of man-in-the-middle attacks due to compromised >> Certification Authorities. >> >> This document is a product of the Web Security Working Group of the IETF. >> >> This is now a Proposed Standard. >> >> STANDARDS TRACK: This document specifies an Internet Standards Track >> protocol for the Internet community, and requests discussion and suggestions >> for improvements. Please refer to the current edition of the Official >> Internet Protocol Standards (https://www.rfc-editor.org/standards) for the >> standardization state and status of this protocol. Distribution of this >> memo is unlimited. >> >> This announcement is sent to the IETF-Announce and rfc-dist lists. >> To subscribe or unsubscribe, see >> https://www.ietf.org/mailman/listinfo/ietf-announce >> https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist >> >> For searching the RFC series, see https://www.rfc-editor.org/search >> For downloading RFCs, see https://www.rfc-editor.org/rfc.html >> >> Requests for special distribution should be addressed to either the >> author of the RFC in question, or to rfc-editor@rfc-editor.org. Unless >> specifically noted otherwise on the RFC itself, all RFCs are for >> unlimited distribution. >> >> >> The RFC Editor Team >> Association Management Solutions, LLC >> >> > _______________________________________________ > websec mailing list > websec@ietf.org > https://www.ietf.org/mailman/listinfo/websec
- [websec] RFC 7469 on Public Key Pinning Extension… rfc-editor
- Re: [websec] RFC 7469 on Public Key Pinning Exten… Barry Leiba
- [websec] closing of WEBSEC WG (was: Re: RFC 7469 … Tobias Gondrom