Re: [websec] DISCUSS positions on draft-ietf-websec-key-pinning
Ryan Sleevi <sleevi@google.com> Thu, 14 August 2014 16:20 UTC
Return-Path: <sleevi@google.com>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8752C1A09E0 for <websec@ietfa.amsl.com>; Thu, 14 Aug 2014 09:20:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.046
X-Spam-Level:
X-Spam-Status: No, score=-2.046 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RP_MATCHES_RCVD=-0.668, SPF_PASS=-0.001] autolearn=unavailable
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G2WohOzTAtEz for <websec@ietfa.amsl.com>; Thu, 14 Aug 2014 09:20:52 -0700 (PDT)
Received: from mail-vc0-x236.google.com (mail-vc0-x236.google.com [IPv6:2607:f8b0:400c:c03::236]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0787F1A0890 for <websec@ietf.org>; Thu, 14 Aug 2014 09:20:41 -0700 (PDT)
Received: by mail-vc0-f182.google.com with SMTP id hy4so1686477vcb.13 for <websec@ietf.org>; Thu, 14 Aug 2014 09:20:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=FVRQzACVBN56lUuWH8PF0m4S7sG2ZnOfexGRAUtjf+U=; b=S/74z9GlmYghBrq0L4YIRpTb4y39YDLUaApJ4A3stNcHAa/H0iTtDc4mMY3zN0gsw5 yi7bgg6KmsKadHYrmrqgyhJ2BQ8Ne+Vu4ixGk5dX/VbRlq55+ESfIa6liurallY+1QeO Lar/y8zIyF7F8CxXG0pD5lxDCfROiElUEPTWyOXwWa//oznAzeERTqNHSuxl2JZcVCtN p/LPdiMd6voSXR8W9faBJiuN7yJP3FLfmLtBsJG8SSUvrYEC6SN4LrR3to+OvXwjCXae W5ogsDOlBYSuNTftSxNFal7RwrLMYE6tLmCVFbOo5eeIlRtScYRuxWv+m+liwC8Ve/pR iP1Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=FVRQzACVBN56lUuWH8PF0m4S7sG2ZnOfexGRAUtjf+U=; b=eR1FIJq8+MonwvCzxk54j4c6aBF/eRCPb2qIXgebr/lm0+1UgV113Gswtgqbz5QH4a IEf0+pZ5AgSt29rNaK22iIs0VW5EizTuVXCNH7olDn4fkZWggFDujUxv2gxJ07DYLC2f ZP7MUOUpRBzSC26t8dA615VyorA+aCD5yycVQ3VCau0aIX2QEKeGFWqNEOFGyEAmiRoO W4uQaip9A1M5FhB+OFsmRyvewToQYTkFHIZBFnWIA1r5S7EWxyf9Kr2BSRw2Xm4bztYY kow+EsvbHGFoDAFQk/p7dlZukTaix1grTUbVrnSHOsyMxDrFYvcNMSfXROeBhjD2ITvv 5Q/A==
X-Gm-Message-State: ALoCoQm/6bDLfRkesnepSIm7m02UQIQZz4ss5Gr2M1jcS60dciogzI99EuVosS+K5OwKJ04GrdZC
MIME-Version: 1.0
X-Received: by 10.220.68.208 with SMTP id w16mr1871736vci.79.1408033241038; Thu, 14 Aug 2014 09:20:41 -0700 (PDT)
Received: by 10.52.139.78 with HTTP; Thu, 14 Aug 2014 09:20:40 -0700 (PDT)
Received: by 10.52.139.78 with HTTP; Thu, 14 Aug 2014 09:20:40 -0700 (PDT)
In-Reply-To: <CAC4RtVDiy-QbHNREsm07+iPzjDiZ1q5GjowZCBnP63nw1ezTAw@mail.gmail.com>
References: <CAC4RtVDiy-QbHNREsm07+iPzjDiZ1q5GjowZCBnP63nw1ezTAw@mail.gmail.com>
Date: Thu, 14 Aug 2014 09:20:40 -0700
Message-ID: <CACvaWvb2HyhgHZJH4-DO0NX=zj2-Mk8r1Ua-we4HRwBp6twFeg@mail.gmail.com>
From: Ryan Sleevi <sleevi@google.com>
To: Barry Leiba <barryleiba@computer.org>
Content-Type: multipart/alternative; boundary="047d7b3a934e2a18e1050099496a"
Archived-At: http://mailarchive.ietf.org/arch/msg/websec/mM_Mr1N12rJZc_RxJ1ukryefljc
X-Mailman-Approved-At: Sat, 16 Aug 2014 17:46:50 -0700
Cc: draft-ietf-websec-key-pinning.all@tools.ietf.org, "<websec@ietf.org>" <websec@ietf.org>, The IESG <iesg@ietf.org>
Subject: Re: [websec] DISCUSS positions on draft-ietf-websec-key-pinning
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec/>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Aug 2014 16:20:55 -0000
On Aug 14, 2014 8:47 AM, "Barry Leiba" <barryleiba@computer.org> wrote: > > Websec folks, and especially the document authors: > We have several DISCUSS ballots on the key-pinning doc (from Stephen, > Kathleen, and Ted): > > http://datatracker.ietf.org/doc/draft-ietf-websec-key-pinning/ballot/ > > ...and I have seen no response from the authors on them. Hi Barry. It sounds like you're looking for an acknowledgement of the messages. Just to confirm, we have received this feedback, and are taking time to ensure the replies are as considered and thoughtful as the DISCUSS points, especially as many of these points were discussed early on and thought addressed by the draft already. In addition to these poibts, the feedback/recent errata from Eric Lawrence regarding HSTS is also extremely relevant to the discussion of HPKP, and we were waiting to see what actions, if any, the WG takes regarding that draft, lest we find ourselves immediately writing a bis to deal with those same points. > Please > respond soonest, and have the necessary discussions to resolve them. > Please also consider and respond to the non-blocking comments from > Alissa, Pete, and Richard. > > Yoav, please stay on top of this and do the necessary prodding to keep > this moving. > > Thanks, > Barry
- [websec] DISCUSS positions on draft-ietf-websec-k… Barry Leiba
- Re: [websec] DISCUSS positions on draft-ietf-webs… Barry Leiba
- Re: [websec] DISCUSS positions on draft-ietf-webs… Ryan Sleevi
- Re: [websec] DISCUSS positions on draft-ietf-webs… Tobias Gondrom
- Re: [websec] DISCUSS positions on draft-ietf-webs… Barry Leiba
- Re: [websec] DISCUSS positions on draft-ietf-webs… Yoav Nir
- Re: [websec] DISCUSS positions on draft-ietf-webs… Barry Leiba
- Re: [websec] DISCUSS positions on draft-ietf-webs… Ted Lemon
- Re: [websec] DISCUSS positions on draft-ietf-webs… Yoav Nir
- Re: [websec] DISCUSS positions on draft-ietf-webs… Barry Leiba
- Re: [websec] DISCUSS positions on draft-ietf-webs… Ted Lemon
- Re: [websec] DISCUSS positions on draft-ietf-webs… Barry Leiba
- Re: [websec] DISCUSS positions on draft-ietf-webs… Chris Palmer