ietf
[Top] [All Lists]

Re: [TLS] [certid] review of draft-saintandre-tls-server-id-check-09

2010-10-06 15:56:02
Double sorry, I meant to sent this only to the certid(_at_)ietf(_dot_)org list:

https://www.ietf.org/mailman/listinfo/certid

On 10/6/10 2:53 PM, Peter Saint-Andre wrote:
Sorry about the delayed reply, still catching up on list traffic here...

On 9/22/10 4:11 PM, Henry B. Hotz wrote:

On Sep 22, 2010, at 10:09 AM, Peter Saint-Andre wrote:

2.  A human user has explicitly agreed to trust a service that 
provides mappings of source domains to target domains, such as a 
dedicated discovery service or an identity service that securely 
redirects requests from the source domain to a target domain 
(however, such an arrangement is not encouraged and if a client 
supports such a service then it needs to disable it by default and
carefully warn the user about the possible negative consequences of
trusting such a service).


Pure wordsmithing.  Make sure this still says what you want:

2.  A human user has explicitly agreed to trust a service that
provides mapping of source domains to target domains.  For example
the user may trust a dedicated discovery service or identity service
that securely redirects requests from the source to a target domain.


Such an arrangement is not encouraged.  If a client supports such a
service then it needs to disable it by default, and it MUST carefully
warn the user about the possible negative consequences of trusting
such a service.  

Just to close the loop, I think we had agreement to remove that
paragraph, so no further wordsmithing required.

Peter

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf

<Prev in Thread] Current Thread [Next in Thread>