[websec] fyi: I-D Action: draft-hodges-websec-framework-reqs-01

Thu, 08 Sep 2011 16:52:36 -0700

see below. I re-sub'd with only date change in order to avoid expiration. will revise a fair bit later here in Sept.
though, now's a good time to review this doc, at least the high level taxonomy. There's been recent discussion in various quarters wrt "certificate pinning" and means to convey such, as well as various other web sec policies folks are anticipating/designing to convey in HTTP headers -- Thomas Roessler remarked on this in our session @IETF-82 Quebec -- e.g. in various w3c WGs, so time's getting ripe to think about this stuff overall. 

=JeffH


Subject: I-D Action: draft-hodges-websec-framework-reqs-01.txt
From: [email protected]
Date: Thu, 08 Sep 2011 15:26:06 -0700
To: [email protected]

A New Internet-Draft is available from the on-line Internet-Drafts directories.

        Title           : Web Security Framework: Problem Statement and 
Requirements
        Author(s)       : Jeff Hodges
        Filename        : draft-hodges-websec-framework-reqs-01.txt
        Pages           : 23
        Date            : 2011-09-08

   Web-based malware and attacks are proliferating rapidly on the
   Internet.  New web security mechanisms are also rapidly growing in
   number, although in an incoherent fashion.  This document provides a
   brief overview of the present situation and the various seemingly
   piece-wise approaches being taken to mitigate the threats.  It then
   provides an overview of requirements as presently being expressed by
   the community in various online and face-to-face discussions.


A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-hodges-websec-framework-reqs-01.txt

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

This Internet-Draft can be retrieved at:
ftp://ftp.ietf.org/internet-drafts/draft-hodges-websec-framework-reqs-01.txt
_______________________________________________
I-D-Announce mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt


_______________________________________________
websec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/websec














    











					Reply via email to