[websec] I-D Action: draft-ietf-websec-key-pinning-21.txt

internet-drafts@ietf.org Mon, 06 October 2014 01:23 UTC

Return-Path: <internet-drafts@ietf.org>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D23C81A0273; Sun, 5 Oct 2014 18:23:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eShoN7yOy07O; Sun, 5 Oct 2014 18:23:57 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 74EE61A0275; Sun, 5 Oct 2014 18:23:55 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 5.6.3.p3
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20141006012355.31175.78914.idtracker@ietfa.amsl.com>
Date: Sun, 05 Oct 2014 18:23:55 -0700
Archived-At: http://mailarchive.ietf.org/arch/msg/websec/xs6LccMNbOZIq7uDUIXDUY9EcTQ
Cc: websec@ietf.org
Subject: [websec] I-D Action: draft-ietf-websec-key-pinning-21.txt
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.15
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec/>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Oct 2014 01:23:59 -0000

A New Internet-Draft is available from the on-line Internet-Drafts directories.
 This draft is a work item of the Web Security Working Group of the IETF.

        Title           : Public Key Pinning Extension for HTTP
        Authors         : Chris Evans
                          Chris Palmer
                          Ryan Sleevi
	Filename        : draft-ietf-websec-key-pinning-21.txt
	Pages           : 28
	Date            : 2014-10-05

Abstract:
   This document defines a new HTTP header that allows web host
   operators to instruct user agents to remember ("pin") the hosts'
   cryptographic identities over a period of time.  During that time,
   UAs will require that the host presents a certificate chain including
   at least one Subject Public Key Info structure whose fingerprint
   matches one of the pinned fingerprints for that host.  By effectively
   reducing the number of trusted authorities who can authenticate the
   domain during the lifetime of the pin, pinning may reduce the
   incidence of man-in-the-middle attacks due to compromised
   Certification Authorities.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-websec-key-pinning/

There's also a htmlized version available at:
http://tools.ietf.org/html/draft-ietf-websec-key-pinning-21

A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=draft-ietf-websec-key-pinning-21


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/