[websec] #56: Specify includeSubdomains directive for HPKP

"websec issue tracker" <trac+websec@trac.tools.ietf.org> Thu, 08 November 2012 22:01 UTC

MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: websec issue tracker <trac+websec@trac.tools.ietf.org>
Precedence: bulk
Auto-Submitted: auto-generated
To: palmer@google.com
Date: Thu, 08 Nov 2012 22:01:13 -0000
Message-ID: <058.f40b082eeef2f8676dd01f9fbb11ca5b@trac.tools.ietf.org>
Cc: websec@ietf.org, sleevi@google.com
Subject: [websec] #56: Specify includeSubdomains directive for HPKP

#56: Specify includeSubdomains directive for HPKP

 Example:

 Google.com PKP = key A, key B, includesubdomains
 WWW.Google.com PKP = key C

 Effective PKP?

 1) A, B, C (union)
 2) C (most specific)
 3) none (intersection)

 We think (2) is best.

-- 
-------------------------+-------------------------------
 Reporter:  palmer@…     |      Owner:  palmer@…
     Type:  defect       |     Status:  new
 Priority:  major        |  Milestone:
Component:  key-pinning  |    Version:
 Severity:  -            |   Keywords:  includeSubdomains
-------------------------+-------------------------------

Ticket URL: <http://trac.tools.ietf.org/wg/websec/trac/ticket/56>
websec <http://tools.ietf.org/websec/>

[websec] #56: Specify includeSubdomains directive… websec issue tracker
Re: [websec] #56: Specify includeSubdomains direc… websec issue tracker
Re: [websec] #56: Specify includeSubdomains direc… Chris Palmer
Re: [websec] #56: Specify includeSubdomains direc… Yoav Nir
Re: [websec] #56: Specify includeSubdomains direc… Ryan Sleevi
Re: [websec] #56: Specify includeSubdomains direc… Chris Palmer
Re: [websec] #56: Specify includeSubdomains direc… Chris Palmer
Re: [websec] #56: Specify includeSubdomains direc… websec issue tracker
Re: [websec] #56: Specify includeSubdomains direc… websec issue tracker
Re: [websec] #56: Specify includeSubdomains direc… Yoav Nir
Re: [websec] #56: Specify includeSubdomains direc… websec issue tracker