Re: [xmpp] I-D Action: draft-ietf-xmpp-posh-04.txt

"Ben Campbell" <ben@nostrum.com> Wed, 25 February 2015 19:59 UTC


I think this version looks good to go to the IESG.

In my chair opinion, the changes in this version are not substantial 
enough to require a new WGLC (and have been published on the list.) Do 
the authors agree?

It occurs to me to wonder if we should submit posh and DNA (currently in 
WGLC) together as a package, or submit them separately as they are 
ready. Thoughts?

/Ben

On 23 Feb 2015, at 17:08, ⌘ Matt Miller wrote:

> This revision should address all of Ben's outstanding concerns.
>
>
> Thanks!
>
> --
> - m&m
>
> Matt Miller <mamille2@cisco.com>
> Cisco Systems, Inc.
>
> On 2/23/15 4:05 PM, internet-drafts@ietf.org wrote:
>>
>> A New Internet-Draft is available from the on-line Internet-Drafts
>> directories. This draft is a work item of the Extensible Messaging
>> and Presence Protocol Working Group of the IETF.
>>
>> Title           : PKIX over Secure HTTP (POSH)
>> Authors         : Matthew Miller
>>                   Peter Saint-Andre
>> Filename        : draft-ietf-xmpp-posh-04.txt
>> Pages           : 15
>> Date            : 2015-02-23
>>
>> Abstract: Experience has shown that it is extremely difficult to
>> deploy proper PKIX certificates for TLS in multi-tenanted
>> environments.  As a result, domains hosted in such environments
>> often deploy applications using certificates that identify the
>> hosting service, not the hosted domain.  Such deployments force end
>> users and peer services to accept a certificate with an improper
>> identifier, resulting in obvious security implications.  This
>> document defines two methods that make it easier to deploy
>> certificates for proper server identity checking in non-HTTP
>> application protocols.  While these methods were developed for use in
>> the Extensible Messaging and Presence Protocol (XMPP) as a Domain
>> Name Association (DNA) prooftype, they might also be usable in
>> other non-HTTP application protocols.
>>
>>
>> The IETF datatracker status page for this draft is:
>> https://datatracker.ietf.org/doc/draft-ietf-xmpp-posh/
>>
>> There's also a htmlized version available at:
>> http://tools.ietf.org/html/draft-ietf-xmpp-posh-04
>>
>> A diff from the previous version is available at:
>> http://www.ietf.org/rfcdiff?url2=draft-ietf-xmpp-posh-04
>>
>>
>> Please note that it may take a couple of minutes from the time of
>> submission until the htmlized version and diff are available at
>> tools.ietf.org.
>>
>> Internet-Drafts are also available by anonymous FTP at:
>> ftp://ftp.ietf.org/internet-drafts/
>>
>> _______________________________________________
>> xmpp mailing list
>> xmpp@ietf.org
>> https://www.ietf.org/mailman/listinfo/xmpp
>>