Transport Layer Security (TLS) Authorization Using KeyNote
draft-keromytis-tls-authz-keynote-07
Revision differences
Document history
| Date | Rev. | By | Action |
|---|---|---|---|
|
2012-08-22
|
07 | (System) | post-migration administrative database adjustment to the No Objection position for Peter Saint-Andre |
|
2010-08-17
|
07 | (System) | IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor |
|
2010-08-17
|
07 | (System) | IANA Action state changed to Waiting on RFC Editor from In Progress |
|
2010-08-17
|
07 | (System) | IANA Action state changed to In Progress from Waiting on Authors |
|
2010-08-16
|
07 | (System) | IANA Action state changed to Waiting on Authors from In Progress |
|
2010-08-10
|
07 | Cindy Morgan | State changed to RFC Ed Queue from Approved-announcement sent by Cindy Morgan |
|
2010-08-04
|
07 | (System) | IANA Action state changed to In Progress |
|
2010-07-30
|
07 | Cindy Morgan | State Changes to Approved-announcement sent from IESG Evaluation::AD Followup by Cindy Morgan |
|
2010-07-30
|
07 | (System) | IESG has approved the document |
|
2010-07-29
|
07 | (System) | Closed "Approve" ballot |
|
2010-07-11
|
07 | Alexey Melnikov | [Ballot Position Update] Position for Alexey Melnikov has been changed to No Objection from Discuss by Alexey Melnikov |
|
2010-07-11
|
07 | Alexey Melnikov | [Ballot comment] By mistake I made my comments a DISCUSS. I just now realized that this is an Independent Submission through RFC Editor, so my … [Ballot comment] By mistake I made my comments a DISCUSS. I just now realized that this is an Independent Submission through RFC Editor, so my comments can't be blocking. This is a bit trivial, but I think the following issues should be fixed before the document is approved for publication (Apart from these 2 issues, I have no objections to the publication of this document.): 3. KeyNote Credential Assertion List URL Implementations that support keynote_assertion_list_url MUST support URLs that employ the http scheme [UPGRADE]. where [UPGRADE] is defined as: [UPGRADE] Khare, R., and S. Lawrence, "Upgrading to TLS Within HTTP/1.1", RFC 2817, May 2000. I don't believe this is the correct reference here. If you truly meant "http", then you should use RFC 2616 here. If you meant "https", then RFC 2818 is the correct reference. I believe the following 2 references are Normative, as they are needed to implement this spec: 7. Informative References [KEYNOTE] Blaze, M., Feigenbaum, J., Ioannidis, J., and A. Keromytis, "The KeyNote Trust-Management System, Version 2", RFC 2704, September 1999. [AUTHZ] Brown, M., and R. Housley, "Transport Layer Security (TLS) Authorization Extensions", RFC 5878, May 2010 1. Introduction A list of KeyNote credentials (e.g., forming a delegation chain) may be sent as part of the same payload. Alternatively, a URL RFC 3986 should be sited here (as an Informative reference). pointing to the location of such a list of KeyNote credentials may be provided. |
|
2010-07-11
|
07 | Alexey Melnikov | [Ballot discuss] |
|
2010-07-02
|
07 | Peter Saint-Andre | [Ballot discuss] [cleared] |
|
2010-07-02
|
07 | Peter Saint-Andre | [Ballot Position Update] Position for Peter Saint-Andre has been changed to No Objection from Discuss by Peter Saint-Andre |
|
2010-07-02
|
07 | (System) | Sub state has been changed to AD Follow up from New Id Needed |
|
2010-07-02
|
07 | (System) | New version available: draft-keromytis-tls-authz-keynote-07.txt |
|
2010-07-02
|
07 | (System) | Removed from agenda for telechat - 2010-07-01 |
|
2010-07-01
|
07 | Cindy Morgan | State Changes to IESG Evaluation::Revised ID Needed from IESG Evaluation by Cindy Morgan |
|
2010-07-01
|
07 | Jari Arkko | [Ballot Position Update] New position, No Objection, has been recorded by Jari Arkko |
|
2010-06-30
|
07 | Ron Bonica | [Ballot Position Update] New position, No Objection, has been recorded by Ron Bonica |
|
2010-06-30
|
07 | Dan Romascanu | [Ballot Position Update] New position, No Objection, has been recorded by Dan Romascanu |
|
2010-06-30
|
07 | Sean Turner | [Ballot Position Update] New position, No Objection, has been recorded by Sean Turner |
|
2010-06-30
|
07 | Gonzalo Camarillo | [Ballot Position Update] New position, No Objection, has been recorded by Gonzalo Camarillo |
|
2010-06-30
|
07 | Stewart Bryant | [Ballot Position Update] New position, No Objection, has been recorded by Stewart Bryant |
|
2010-06-30
|
07 | Adrian Farrel | [Ballot Position Update] New position, No Objection, has been recorded by Adrian Farrel |
|
2010-06-30
|
07 | Lars Eggert | [Ballot Position Update] New position, No Objection, has been recorded by Lars Eggert |
|
2010-06-29
|
07 | Robert Sparks | [Ballot Position Update] New position, No Objection, has been recorded by Robert Sparks |
|
2010-06-28
|
07 | Peter Saint-Andre | [Ballot discuss] Section 3 states: Implementations that support keynote_assertion_list_url MUST support URLs that employ the http scheme [UPGRADE]. Does this mean that the … [Ballot discuss] Section 3 states: Implementations that support keynote_assertion_list_url MUST support URLs that employ the http scheme [UPGRADE]. Does this mean that the KeyNote credential assertion MUST be retrieved only if HTTPS or HTTP-TLS is used and MUST NOT be retrieved if only unencrypted HTTP is available? This needs to be clarified. |
|
2010-06-28
|
07 | Peter Saint-Andre | [Ballot Position Update] New position, Discuss, has been recorded by Peter Saint-Andre |
|
2010-06-27
|
07 | Alexey Melnikov | [Ballot comment] 1. Introduction A list of KeyNote credentials (e.g., forming a delegation chain) may be sent as part of the same payload. … [Ballot comment] 1. Introduction A list of KeyNote credentials (e.g., forming a delegation chain) may be sent as part of the same payload. Alternatively, a URL RFC 3986 should be sited here (as an Informative reference). pointing to the location of such a list of KeyNote credentials may be provided. |
|
2010-06-27
|
07 | Alexey Melnikov | [Ballot discuss] This is a bit trivial, but I think the following issues should be fixed before the document is approved for publication (Apart from … [Ballot discuss] This is a bit trivial, but I think the following issues should be fixed before the document is approved for publication (Apart from these 2 issues, I have no objections to the publication of this document.): 3. KeyNote Credential Assertion List URL Implementations that support keynote_assertion_list_url MUST support URLs that employ the http scheme [UPGRADE]. where [UPGRADE] is defined as: [UPGRADE] Khare, R., and S. Lawrence, "Upgrading to TLS Within HTTP/1.1", RFC 2817, May 2000. I don't believe this is the correct reference here. If you truly meant "http", then you should use RFC 2616 here. If you meant "https", then RFC 2818 is the correct reference. I believe the following 2 references are Normative, as they are needed to implement this spec: 7. Informative References [KEYNOTE] Blaze, M., Feigenbaum, J., Ioannidis, J., and A. Keromytis, "The KeyNote Trust-Management System, Version 2", RFC 2704, September 1999. [AUTHZ] Brown, M., and R. Housley, "Transport Layer Security (TLS) Authorization Extensions", RFC 5878, May 2010 |
|
2010-06-27
|
07 | Alexey Melnikov | [Ballot comment] 1. Introduction A list of KeyNote credentials (e.g., forming a delegation chain) may be sent as part of the same payload. … [Ballot comment] 1. Introduction A list of KeyNote credentials (e.g., forming a delegation chain) may be sent as part of the same payload. Alternatively, a URL RFC 3986 should be sited here (as an Informative reference). pointing to the location of such a list of KeyNote credentials may be provided. |
|
2010-06-27
|
07 | Alexey Melnikov | [Ballot discuss] 3. KeyNote Credential Assertion List URL Implementations that support keynote_assertion_list_url MUST support URLs that employ the http scheme [UPGRADE]. where [UPGRADE] … [Ballot discuss] 3. KeyNote Credential Assertion List URL Implementations that support keynote_assertion_list_url MUST support URLs that employ the http scheme [UPGRADE]. where [UPGRADE] is defined as: [UPGRADE] Khare, R., and S. Lawrence, "Upgrading to TLS Within HTTP/1.1", RFC 2817, May 2000. I don't believe this is the correct reference here. If you truly meant "http", then you should use RFC 2616 here. If you meant "https", then RFC 2818 is the correct reference. I believe the following 2 references are Normative, as they are needed to implement this spec: 7. Informative References [KEYNOTE] Blaze, M., Feigenbaum, J., Ioannidis, J., and A. Keromytis, "The KeyNote Trust-Management System, Version 2", RFC 2704, September 1999. [AUTHZ] Brown, M., and R. Housley, "Transport Layer Security (TLS) Authorization Extensions", RFC 5878, May 2010 |
|
2010-06-27
|
07 | Alexey Melnikov | [Ballot Position Update] New position, Discuss, has been recorded by Alexey Melnikov |
|
2010-06-25
|
07 | Amanda Baber | IANA comments: IANA understands that there are two actions that need to be completed upon approval of this document. First, in the TLS Authorization Data … IANA comments: IANA understands that there are two actions that need to be completed upon approval of this document. First, in the TLS Authorization Data Formats registry located at: http://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml the following entry will be added Value Description Reference ===== --======================= =============== TBD keynote_assertion_list TBD The value will be selected from the Specification Required range (64-223). Second, also in the TLS Authorization Data Formats registry located at: http://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml the following entry will be added Value Description Reference ===== --======================= =============== TBD keynote_assertion_list_url TBD The value will be selected from the Specification Required range (64-223). IANA understands that these are the only actions required upon approval of the document. |
|
2010-06-25
|
07 | Russ Housley | [Ballot Position Update] New position, No Objection, has been recorded by Russ Housley |
|
2010-06-24
|
07 | Tim Polk | State Changes to IESG Evaluation from AD Evaluation by Tim Polk |
|
2010-06-24
|
07 | Tim Polk | Placed on agenda for telechat - 2010-07-01 by Tim Polk |
|
2010-06-24
|
07 | Tim Polk | Note field has been cleared by Tim Polk |
|
2010-06-24
|
07 | Tim Polk | [Ballot Position Update] New position, Yes, has been recorded for Tim Polk |
|
2010-06-24
|
07 | Tim Polk | Ballot has been issued by Tim Polk |
|
2010-06-24
|
07 | Tim Polk | Created "Approve" ballot |
|
2010-06-24
|
07 | (System) | Ballot writeup text was added |
|
2010-06-24
|
07 | (System) | Last call text was added |
|
2010-06-24
|
07 | (System) | Ballot approval text was added |
|
2010-06-16
|
07 | Cindy Morgan | Removed from agenda for telechat - 2010-06-17 by Cindy Morgan |
|
2010-06-16
|
07 | Russ Housley | State Changes to AD Evaluation from Publication Requested by Russ Housley |
|
2010-06-16
|
07 | Russ Housley | Responsible AD has been changed to Tim Polk from Russ Housley |
|
2010-06-16
|
07 | Russ Housley | Area acronymn has been changed to sec from gen |
|
2010-06-16
|
07 | Russ Housley | Note field has been cleared by Russ Housley |
|
2010-06-03
|
07 | Cindy Morgan | The draft draft-keromytis-tls-authz-keynote-06 is ready for publication from the Independent Stream. Please ask IESG to review it, as set out in RFC 5742. |
|
2010-06-03
|
07 | Cindy Morgan | Draft Added by Cindy Morgan in state Publication Requested |
|
2010-05-27
|
06 | (System) | New version available: draft-keromytis-tls-authz-keynote-06.txt |
|
2010-05-10
|
05 | (System) | New version available: draft-keromytis-tls-authz-keynote-05.txt |
|
2010-04-08
|
04 | (System) | New version available: draft-keromytis-tls-authz-keynote-04.txt |
|
2009-10-08
|
03 | (System) | New version available: draft-keromytis-tls-authz-keynote-03.txt |
|
2009-03-30
|
02 | (System) | New version available: draft-keromytis-tls-authz-keynote-02.txt |
|
2008-10-01
|
01 | (System) | New version available: draft-keromytis-tls-authz-keynote-01.txt |
|
2008-04-02
|
00 | (System) | New version available: draft-keromytis-tls-authz-keynote-00.txt |