Hello Jeff and websec fellows,
<hat="WG chair"> and <hat="document shepherd">
thanks a lot for the latest version and to my understanding it indeed
closes all open issues.
For all fyi: Please note that the update in section 6.1 item 5.
declares that future registries will be using IETF review for
creation/defining.
"Additional directives extending the semantic functionality of the STS
header field can be defined in other specifications, with a registry
(having an IANA policy definition of IETF Review [RFC5226]) defined
for them at such time."
There has been some discussion on this, but to my understanding no major
conflicts have been raised with the proposed approach.
<taking all hats off>
Best regards and see you soon in Atlanta,
Tobias
On 15/09/12 07:57, =JeffH wrote:
New rev:
https://tools.ietf.org/html/draft-ietf-websec-strict-transport-sec-13
please see change log excerpt included below for details. AFAIK this
is ready for submission to IESG and IETF-wide Last Call.
full issue ticket list for strict-transport-sec:
<http://trac.tools.ietf.org/wg/websec/trac/query?status=assigned&status=closed&status=new&status=reopened&component=strict-transport-sec&order=id>
Redline spec diff from previous rev:
https://tools.ietf.org/rfcdiff?difftype=--hwdiff&url2=draft-ietf-websec-strict-transport-sec-13.txt
side-by-side diff from previous rev:
https://tools.ietf.org/rfcdiff?url2=draft-ietf-websec-strict-transport-sec-13.txt
All issue tickets are closed.
Change Log for this rev is below.
=JeffH
==============================================================
Appendix D. Change Log
[RFCEditor: please remove this section upon publication as an RFC.]
Changes are grouped by spec revision listed in reverse issuance
order.
D.1. For draft-ietf-websec-strict-transport-sec
Changes from -12 to -13:
1. Addressed the IANA registry and IANA registry policy questions
raised in Ben Campbel's Gen-ART LC review. Selected "IETF
Review" for IANA policy. See the portion of this thread from
this message onwards for details: <https://www.ietf.org/
mail-archive/web/websec/current/msg01355.html>
2. Clarified the questions regarding max-age=0 interacting with
includeSubdomains. Expanded section 5. HSTS Mechanism
Overview, Added clarification text and forward ref to S 8.1
from S 6.1.1. Added two additional examples to S 6.2 which
contain max-age=0. See the thread rooted here for questions
that informed this: <https://www.ietf.org/mail-archive/web/
websec/current/msg01347.html>
3. upgraded ref to draft-ietf-dane-protocol to be to RFC6698.
Changes from -11 to -12:
1. Addressed various issues in Ben Campbel's Gen-ART LC review.
See this message for details: <https://www.ietf.org/
mail-archive/web/websec/current/msg01324.html>
Changes from -10 to -11:
<snip/>
---
end
_______________________________________________
websec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/websec
_______________________________________________
websec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/websec
