Re: [websec] HSTS approval generating some news...

Tobias Gondrom <tobias.gondrom@gondrom.org> Fri, 05 October 2012 12:18 UTC

Return-Path: <tobias.gondrom@gondrom.org>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A4E2321F845A for <websec@ietfa.amsl.com>; Fri, 5 Oct 2012 05:18:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -95.362
X-Spam-Level:
X-Spam-Status: No, score=-95.362 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FH_HELO_EQ_D_D_D_D=1.597, FH_HOST_EQ_D_D_D_D=0.765, FM_DDDD_TIMES_2=1.999, HELO_DYNAMIC_IPADDR=2.426, HELO_EQ_DE=0.35, RDNS_DYNAMIC=0.1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YCQcwz0KbViy for <websec@ietfa.amsl.com>; Fri, 5 Oct 2012 05:18:32 -0700 (PDT)
Received: from lvps176-28-13-69.dedicated.hosteurope.de (lvps176-28-13-69.dedicated.hosteurope.de [176.28.13.69]) by ietfa.amsl.com (Postfix) with ESMTP id 466C821F8458 for <websec@ietf.org>; Fri, 5 Oct 2012 05:18:32 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=gondrom.org; b=kZ8ibk3cQHBzLpFj1YEAHDJaQgaN+TuYjrVD08FIuWU7lUrI/WxKIYG/Y/YTaPAr4mawTAQfXX0aF6y6IFkz0l1jGgKc7J76fC5gRohhxuBvBwJqTomRcpAc4GVoUKz+; h=Received:Received:Message-ID:Date:From:User-Agent:MIME-Version:To:Subject:X-Priority:References:In-Reply-To:Content-Type:Content-Transfer-Encoding;
Received: (qmail 32241 invoked from network); 5 Oct 2012 14:18:30 +0200
Received: from 94-194-102-93.zone8.bethere.co.uk (HELO ?192.168.1.65?) (94.194.102.93) by lvps176-28-13-69.dedicated.hosteurope.de with ESMTPSA (DHE-RSA-AES256-SHA encrypted, authenticated); 5 Oct 2012 14:18:30 +0200
Message-ID: <506ED016.7070206@gondrom.org>
Date: Fri, 05 Oct 2012 13:18:30 +0100
From: Tobias Gondrom <tobias.gondrom@gondrom.org>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:15.0) Gecko/20120912 Thunderbird/15.0.1
MIME-Version: 1.0
To: websec@ietf.org
X-Priority: 4 (Low)
References: <E9CF3FFC262DBD44942AB2B3AAF7100B23A309@DEN-EXDDA-S12.corp.ebay.com> <99B6B0D7-9559-4BF4-A32A-CB3AAE5FB61A@gmail.com>
In-Reply-To: <99B6B0D7-9559-4BF4-A32A-CB3AAE5FB61A@gmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [websec] HSTS approval generating some news...
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Oct 2012 12:18:33 -0000

<hat="individual">

Yes. Nice.
As a personal comment, normally the formal release of the draft as RFC 
is the best time for press releases, because then you can actually refer 
to the RFC.
However, news is always good.

And btw. fyi on Sep-24 OWASP released a video tutorial on HSTS:
"OWASP Appsec Tutorial Series - Episode 4: Strict Transport Security"
http://www.youtube.com/watch?v=zEV3HOuM_Vw
(personal disclaimer: I am on the leadership team of OWASP)

Best regards, Tobias




On 04/10/12 18:34, John Menerick wrote:
> Congrats!
>
>
> On Oct 4, 2012, at 9:58 AM, Hodges, Jeff wrote:
>
>> ..e.g., see...
>>
>>   https://twitter.com/i/#!/search/realtime/hsts
>>
>>
>>   http://news.cnet.com/8301-1009_3-57524915-83/web-security-protocol-hsts-wins-proposed-standard-status/
>>
>>
>>   https://threatpost.com/en_us/blogs/ietf-approves-hsts-internet-draft-100312
>>
>>
>> 8^)
>>
>> =JeffH
>>
>> _______________________________________________
>> websec mailing list
>> websec@ietf.org
>> https://www.ietf.org/mailman/listinfo/websec
> _______________________________________________
> websec mailing list
> websec@ietf.org
> https://www.ietf.org/mailman/listinfo/websec