[websec] I-D Action: draft-ietf-websec-key-pinning-18.txt
internet-drafts@ietf.org Fri, 04 July 2014 03:52 UTC
Return-Path: <internet-drafts@ietf.org>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 45D061B2B82; Thu, 3 Jul 2014 20:52:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5sjj3kqXjk6P; Thu, 3 Jul 2014 20:52:49 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 5EEBF1B2BB3; Thu, 3 Jul 2014 20:52:41 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 5.6.0.p1
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20140704035241.4179.31777.idtracker@ietfa.amsl.com>
Date: Thu, 03 Jul 2014 20:52:41 -0700
Archived-At: http://mailarchive.ietf.org/arch/msg/websec/n9fSkRdKPCeRHt4cdMKGcgIvql4
Cc: websec@ietf.org
Subject: [websec] I-D Action: draft-ietf-websec-key-pinning-18.txt
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.15
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec/>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Jul 2014 03:52:52 -0000
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Web Security Working Group of the IETF.
Title : Public Key Pinning Extension for HTTP
Authors : Chris Evans
Chris Palmer
Ryan Sleevi
Filename : draft-ietf-websec-key-pinning-18.txt
Pages : 26
Date : 2014-07-03
Abstract:
This document describes an extension to the HTTP protocol allowing
web host operators to instruct user agents to remember ("pin") the
hosts' cryptographic identities for a given period of time. During
that time, UAs will require that the host present a certificate chain
including at least one Subject Public Key Info structure whose
fingerprint matches one of the pinned fingerprints for that host. By
effectively reducing the number of authorities who can authenticate
the domain during the lifetime of the pin, pinning may reduce the
incidence of man-in-the-middle attacks due to compromised
Certification Authorities.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-websec-key-pinning/
There's also a htmlized version available at:
http://tools.ietf.org/html/draft-ietf-websec-key-pinning-18
A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=draft-ietf-websec-key-pinning-18
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
- [websec] I-D Action: draft-ietf-websec-key-pinnin… internet-drafts