Maybe you can explain why, if https is needed everywhere, that after
significant and extended arguing, the httpwg decided to make it optional
in http/2
I really don't see the point in making all those arguments again over
here in dnsop, when they were done to death many times in httpwg. Go
I think you and many others will continue to disagree on that point.
try using https for OCSP or CRL checking and see how you go.
-- Original Message --
From: "Stephane Bortzmeyer"
To: "Adrien de Croy"
Cc: "Shane Kerr" ;
-- Original Message --
From: "Paul Hoffman"
To: "Adrien de Croy"
Cc: "dnsop@ietf.org"
Sent: 7/05/2016 7:24:46 a.m.
Subject: Re: [DNSOP] New Version Notification for
draft-song-dns-wireformat-http-03.txt
On 6 May 2016, at
On Fri, May 06, 2016 at 07:14:29PM +,
Adrien de Croy wrote
a message of 72 lines which said:
> Putting https where it's not needed (and it's not needed everywhere)
It is. If you don't know why, read RFC 7258 (6973 is useful, too).
On 6 May 2016, at 12:14, Adrien de Croy wrote:
The original text makes a claim about security and privacy around TLS.
This is not true in the real world, and is becoming less true with
every MitM deployed.
It is as true now as it has ever been. Saying that TLS is not secure
because there
It's not like that at all.
The original text makes a claim about security and privacy around TLS.
This is not true in the real world, and is becoming less true with every
MitM deployed.
Client authentication is very rarely used because of the significant
challenges of managing client
On Fri, May 6, 2016 at 12:34 PM, 神明達哉 wrote:
> I fully understand this document does not provide normative
> requirements. But in the way it's currently organized, I'm afraid
> it will simply promote a vicious circle: more people will think they
> need to provide reverse
At Wed, 4 May 2016 11:43:16 -0400,
Ted Lemon wrote:
> Jinmei-san, with all due respect, I think that you are missing the mark
> here.
First off, I didn't intend to be opposed to providing reverse mappings
per se. If my comments read that way, that was because of my poor
Yes; will fix (I think I said in another message). Off today, will catch up
again next week.
Lee
From: DNSOP > on behalf
of Ted Lemon >
Date: Friday, May 6, 2016 7:26 AM
To:
Stephane,
At 2016-05-05 17:47:48 +0200
Stephane Bortzmeyer wrote:
> On Sat, Mar 19, 2016 at 10:57:26AM -0400,
> Paul Hoffman wrote
> a message of 49 lines which said:
>
> > With respect to the DO bit, there was a suggestion:
> > Resolvers SHOULD
Indeed, that was precisely the intended result. MitM attacks are possible
to detect; passive listening attacks are not.
On Fri, May 6, 2016 at 4:59 AM, Stephane Bortzmeyer
wrote:
> On Wed, May 04, 2016 at 10:13:09PM +,
> Adrien de Croy wrote
> a
I believe that this was unintentional. I think Lee agreed to fix it.
On Fri, May 6, 2016 at 5:32 AM, wrote:
> > > The point of this document is not to make normative requirements.
> >
> > But it does: 'Best practice is that "Every Internet-reachable host
> > should have a
> > The point of this document is not to make normative requirements.
>
> But it does: 'Best practice is that "Every Internet-reachable host
> should have a name"'.
I agree. Especially with IPv6 in mind, "Every Internet-reachable host
should have a name" is *not* best practice.
Steinar Haug,
On Wed, May 04, 2016 at 11:43:16AM -0400,
Ted Lemon wrote
a message of 518 lines which said:
> The point of this document is not to make normative requirements.
But it does: 'Best practice is that "Every Internet-reachable host
should have a name"'.
> It's simply to
On Wed, May 04, 2016 at 10:13:09PM +,
Adrien de Croy wrote
a message of 316 lines which said:
> TLS was designed to provide data integrity and security, but not in
> the face of MitM attacks.
You're playing with words here. It all depends if you use TLS in the
strict
Ondřej Surý writes:
> Dear colleagues,
>
> a new EdDSA for DNSSEC draft has been posted in CURDLE WG and is in
> need of more reviewers ;).
>
> I merged Ed25519 and Ed448 drafts into one, removed reasoning why
> EdDSA is superior for RFC and I-D in Normative references
16 matches
Mail list logo