Re: [wpkops] draft-housley-web-pki-problems-00
Phillip Hallam-Baker <ietf@hallambaker.com> Tue, 07 July 2015 15:11 UTC
To: Russ Housley <housley@vigilsec.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/wpkops/IS05zXyxevgLyTSlbFDkIkPrdVs>
Cc: "wpkops@ietf.org" <wpkops@ietf.org>

Good idea, I forwarded it on some CA lists as well.

One omission I think needs to be called out is that the WebPKI scope is limited to server authentication. While I don't think that the draft should consider client auth in detail, it is something that should be pointed out as a shortcoming.

I think that the main reason we haven't got client auth working on a large scale is that the administration and usability issues that impact the Web Server PKI are even more severe for client PKI. My Mesh project is an attempt to address those issues.