Re: [websec] STS ABNF, was: new rev: draft-ietf-websec-strict-transport-sec-04
=JeffH <Jeff.Hodges@KingsMountain.com> Thu, 05 April 2012 22:40 UTC
To: Julian Reschke <julian.reschke@gmx.de>
Cc: IETF WebSec WG <websec@ietf.org>
Thanks for the feedback, proposed edits, and hacked xml2rfc source.

> So this
>
> - states that the given ABNF applies to the value after q-s processing
>   (when needed)
> - changes the ABNF to specify only the *value*

Ok. so you suggested..

   6.1.1.  The max-age Directive

   The REQUIRED max-age directive specifies the number of seconds, after
   the reception of the STS header field, during which the UA regards
   the host, from whom the message was received, as a Known HSTS Host
   (see also Section 8.1.1 "Noting a HSTS Host", below).

   The syntax of the max-age directive's value (after potential applying
   quoted-string unescaping) is:

    max-age-v     = delta-seconds
    delta-seconds = <1*DIGIT, defined in [RFC2616], Section 3.3.2>

   Note:  A max-age value of zero signals the UA to cease regarding the
          host as a Known HSTS Host.

..and I presently am polishing that to be..

   6.1.1.  The max-age Directive

   The REQUIRED "max-age" directive specifies the number of seconds,
   after the reception of the STS header field, during which the UA
   regards the host, from whom the message was received, as a Known
   HSTS Host (see also Section 8.1.1 "Noting a HSTS Host", below).

   The max-age directive value has the following syntax (after
   quoted-string unescaping, if necessary):

    max-age-value = delta-seconds
    delta-seconds = <1*DIGIT, defined in [RFC2616], Section 3.3.2>

   Note:  A max-age value of zero signals the UA to cease regarding the
          host as a Known HSTS Host.

I'm a little concerned that without an explicit syntax declaration such as..

    max-age = "max-age" "=" max-age-value

..we'll confuse some readers ("what do i actually put in the STS header for
this directive??"), but hopefully the examples in section 6.2, as well as
putting the directive name in quotes in the first paragraph, will address this.

thx,

=JeffH
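
Added example, not part of the original message or of the draft: a small Python parser showing what "the ABNF applies to the value after quoted-string unescaping" means for a UA. The function names are hypothetical, and rejecting duplicate directives and skipping empty ones are assumptions of this sketch.

```python
import re

TOKEN = r"[!#$%&'*+.^_`|~0-9A-Za-z-]+"        # RFC 2616 token characters
QUOTED = r'"(?:[^"\\]|\\.)*"'                  # quoted-string incl. quoted-pairs
ITEM = re.compile(rf'\s*(?:({TOKEN})\s*(?:=\s*({TOKEN}|{QUOTED}))?)?\s*')

def unquote(value):
    """Quoted-string unescaping: drop the DQUOTEs, resolve each quoted-pair."""
    if value.startswith('"'):
        return re.sub(r'\\(.)', r'\1', value[1:-1])
    return value

def parse_directives(header):
    """Return {lowercased name: unescaped value or None}; None if malformed."""
    pos, found = 0, {}
    while True:
        m = ITEM.match(header, pos)            # always matches, possibly empty
        pos = m.end()
        if m.group(1):
            name = m.group(1).lower()
            if name in found:                  # assumption: duplicates are invalid
                return None
            raw = m.group(2)
            found[name] = unquote(raw) if raw is not None else None
        if pos == len(header):
            return found
        if header[pos] != ';':                 # stray character or unbalanced quote
            return None
        pos += 1

def hsts_max_age(header):
    """Seconds to treat the host as a Known HSTS Host (0 = cease), else None."""
    directives = parse_directives(header)
    if directives is None:
        return None
    value = directives.get("max-age")          # REQUIRED directive
    # delta-seconds = 1*DIGIT, checked only after unescaping; [0-9] rather
    # than \d so that non-ASCII digits are not accepted.
    if value is None or not re.fullmatch(r"[0-9]+", value):
        return None
    return int(value)
```
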