Re: [websec] draft-ietf-websec-strict-transport-sec - closing of WGLC
Tobias Gondrom <tobias.gondrom@gondrom.org> Tue, 03 July 2012 20:35 UTC
Return-Path: <tobias.gondrom@gondrom.org>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6D29821F864A for <websec@ietfa.amsl.com>; Tue, 3 Jul 2012 13:35:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -99.016
X-Spam-Level:
X-Spam-Status: No, score=-99.016 tagged_above=-999 required=5 tests=[AWL=-2.238, BAYES_00=-2.599, FH_HELO_EQ_D_D_D_D=1.597, HELO_DYNAMIC_IPADDR=2.426, HELO_EQ_DE=0.35, HELO_MISMATCH_DE=1.448, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sDP8rgZX71Cg for <websec@ietfa.amsl.com>; Tue, 3 Jul 2012 13:35:44 -0700 (PDT)
Received: from lvps83-169-7-107.dedicated.hosteurope.de (www.gondrom.org [83.169.7.107]) by ietfa.amsl.com (Postfix) with ESMTP id 5605521F86C3 for <websec@ietf.org>; Tue, 3 Jul 2012 13:35:44 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=gondrom.org; b=GbROXsS2bEMP7qbWXQFWcYsKSslPOblP0XUWxvIB90zEtF6I9/p3ZECwvCJ44Z/1D2a9IFTnoE3HxjC0h9FCEL7XSmvFbMvgGUOHRYK1IiwdqU1pTHlf+5wH1gti70V7; h=Received:Received:Message-ID:Date:From:User-Agent:MIME-Version:To:Subject:References:In-Reply-To:Content-Type:Content-Transfer-Encoding;
Received: (qmail 5959 invoked from network); 3 Jul 2012 22:35:50 +0200
Received: from 94-194-102-93.zone8.bethere.co.uk (HELO ?192.168.1.71?) (94.194.102.93) by www.gondrom.org with (DHE-RSA-AES256-SHA encrypted) SMTP; 3 Jul 2012 22:35:50 +0200
Message-ID: <4FF357A5.2020806@gondrom.org>
Date: Tue, 03 Jul 2012 21:35:49 +0100
From: Tobias Gondrom <tobias.gondrom@gondrom.org>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:13.0) Gecko/20120615 Thunderbird/13.0.1
MIME-Version: 1.0
To: websec@ietf.org
References: <20120702212120.2873.21985.idtracker@ietfa.amsl.com>
In-Reply-To: <20120702212120.2873.21985.idtracker@ietfa.amsl.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Subject: Re: [websec] draft-ietf-websec-strict-transport-sec - closing of WGLC
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 03 Jul 2012 20:35:45 -0000
<hat="chair">
Hello Jeff and all HSTS authors and contributors!
Thank you for putting out the new revised version.
I think this should conclude the WG Last call on the draft and I will
recommend the draft for IETF Last Call, as far as there are no
objections raised from the WG. The shepherd write-up for HSTS is
currently with my co-chair for review prior submission to the AD.
There remain two things left to do:
1. @all authors: Could every author please confirm that any and all
appropriate IPR
disclosures required for full conformance with the provisions of BCP 78
and BCP 79 have already been filed?
A simple reply to the mailing-list or me with "Yes. All is conform with
BCP 78 and BCP 79." by each author would be sufficient. To my knowledge
no IPR discosures have been made for this draft. Please inform me if
there are any?
2. a check of idnits revealed that there are a few reference problems
(including 3 Downref and 1 Obsolete normative reference). This will come
up with the RFC-Editor by the latest, so please revisit the references
and check the idnits tool on the draft ASAP.
Plus two warnings:
== Missing Reference: 'I-D.draft-ietf-httpbis-p1-messaging-17' is mentioned
on line 1839, but not defined
== Outdated reference: A later version (-23) exists of
draft-ietf-dane-protocol-19
Best regards, Tobias
On 02/07/12 22:21, internet-drafts@ietf.org wrote:
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the Web Security Working Group of the IETF.
>
> Title : HTTP Strict Transport Security (HSTS)
> Author(s) : Jeff Hodges
> Collin Jackson
> Adam Barth
> Filename : draft-ietf-websec-strict-transport-sec-10.txt
> Pages : 48
> Date : 2012-07-02
>
> Abstract:
> This specification defines a mechanism enabling web sites to declare
> themselves accessible only via secure connections, and/or for users
> to be able to direct their user agent(s) to interact with given sites
> only over secure connections. This overall policy is referred to as
> HTTP Strict Transport Security (HSTS). The policy is declared by web
> sites via the Strict-Transport-Security HTTP response header field,
> and/or by other means, such as user agent configuration, for example.
>
>
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-websec-strict-transport-sec
>
> There's also a htmlized version available at:
> http://tools.ietf.org/html/draft-ietf-websec-strict-transport-sec-10
>
> A diff from previous version is available at:
> http://tools.ietf.org/rfcdiff?url2=draft-ietf-websec-strict-transport-sec-10
>
>
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
>
> _______________________________________________
> websec mailing list
> websec@ietf.org
> https://www.ietf.org/mailman/listinfo/websec
- [websec] I-D Action: draft-ietf-websec-strict-tra… internet-drafts
- Re: [websec] draft-ietf-websec-strict-transport-s… Tobias Gondrom