md-distro - Re: [md-distro] vhost md.incommon.org
Subject: Metadata Distribution Subcommittee of TAC
List archive
- From: Ian Young <>
- To:
- Subject: Re: [md-distro] vhost md.incommon.org
- Date: Fri, 13 Dec 2013 13:36:48 +0000
On 13 Dec 2013, at 12:50, Tom Scavo
<>
wrote:
> My question is: Do we need to support TLS on md.incommon.org?
>
> http://md.incommon.org/InCommon/InCommon-metadata.xml
> https://md.incommon.org/InCommon/InCommon-metadata.xml
>
> We're tempted not to support the latter at all. Thoughts?
I'd say there is no need. The trust model for InCommon is based around the
in-band signature, not the TLS.
There might be a use case for TLS in the future if you decided to add a new
InCommon product for managed metadata for other people in which only
authenticated requesters had access to the aggregates. But I'd say the time
to add TLS would be if that ever happened, and in that situation you might
not want to tie it to that DNS name anyway.
-- Ian
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
- [md-distro] vhost md.incommon.org, Tom Scavo, 12/13/2013
- Re: [md-distro] vhost md.incommon.org, Ian Young, 12/13/2013
- <Possible follow-up(s)>
- Re: [md-distro] vhost md.incommon.org, Joe St Sauver, 12/13/2013
Archive powered by MHonArc 2.6.16.