Hi Chris,
good to hear.
And just to add: even without websec, if you think something that goes
beyond DNS namespace relationships or the scope of the other WG is
needed, at the IETF there is also the possibility for individual
submissions. Downside with individual drafts is, it is much harder
Thanks Jeff, Tobias.
Yes, dbound does seem to resonate pretty well with where I was going
here. Ironic and fortunate to catch it now while it's still
crystalizing. Although I believe there is room to contemplate
extending the concept beyond pure DNS namespace relationships (I'd
like to see URI<->U
On 13 January 2015 at 21:30, Chris Hartmann wrote:
> Presumably your credentials
> to okta.com are a risk to the company if compromised. If a phisher
> sent you an email claiming to be okta.com with a link to a fake but
> believable hostname, say otka.com (see what I did there), you happen
> to cl
On Wed, Jan 14, 2015 at 1:15 AM, Anne van Kesteren wrote:
> On Tue, Jan 13, 2015 at 9:30 PM, Chris Hartmann wrote:
>> If a phisher
>> sent you an email claiming to be okta.com with a link to a fake but
>> believable hostname, say otka.com (see what I did there), you happen
>> to click the link an
Hi Chris, hi all,
let me say, I can see a missing link here which would be nice to solve.
Btw. another example coming to mind would be the connection with
external payment services or increasing number of references to cloud
based services (where it is not sure that a.com is indeed using b.com
On Tue, Jan 13, 2015 at 9:30 PM, Chris Hartmann wrote:
> If a phisher
> sent you an email claiming to be okta.com with a link to a fake but
> believable hostname, say otka.com (see what I did there), you happen
> to click the link and are on the verge of providing your credentials,
Yeah, that's t
> Is this a security problem? I think so.
Yes. Knowing the relationship would be helpful in a security context.
> I have a few ideas on how this could be improved/implemented.
Dbound is poking and prodding at related issues. And they are
finalizing their charter now. You might consider reading s
On Tue, Jan 13, 2015 at 2:40 AM, Gervase Markham wrote:
> On 12/01/15 19:18, Chris Hartmann wrote:
>> 2) a.com forms a business relationship with b.com to perform a
>> business function on its behalf (payment processor, blog, whatever).
>> The landing page is b.com/a
>
> Would it not be reasonable
Hi Anne/All,
Thanks for the response.
I think your use-case is slightly different then what I was going for,
but perhaps I can extend my idea to cover a different aspect of yours.
Just for clarity, if I understand correctly, the relationship between
services like okta.com and google.com isn't what
On 12/01/15 19:18, Chris Hartmann wrote:
> 2) a.com forms a business relationship with b.com to perform a
> business function on its behalf (payment processor, blog, whatever).
> The landing page is b.com/a
Would it not be reasonable to say that, when this sort of relationship
is set up, best prac
On Mon, Jan 12, 2015 at 8:18 PM, Chris Hartmann wrote:
> Should we solve this? Is it solved already? Could use help gelling or
> junking this idea.
>
> I have a few ideas on how this could be improved/implemented.
I'd be interested to hear them. E.g. at work we started using
https://www.okta.com/
1) Bob trusts and does personal business with a.com.
2) a.com forms a business relationship with b.com to perform a
business function on its behalf (payment processor, blog, whatever).
The landing page is b.com/a
3) Bob visits b.com/a and notices that the page claims to be
affiliated and owned by
12 matches
Mail list logo