Re: [websec] pinning specs

Chris Palmer <palmer@google.com> Tue, 15 November 2011 21:41 UTC

To: Peter Saint-Andre <stpeter@stpeter.im>
Cc: IETF WebSec WG <websec@ietf.org>

> https://datatracker.ietf.org/doc/draft-evans-palmer-key-pinning/
>
> and
>
> https://datatracker.ietf.org/doc/draft-evans-palmer-hsts-pinning/
>
> Jeff's slides refer to the former. Are both of these documents in play?

No, the former is the real one. It responds to the helpful critiques
we got from everyone when we submitted the latter. It is no longer
piggy-backing on the HSTS header, so I gave the draft a new, more
accurate name.

You can safely disregard the latter.