md-distro - Re: [md-distro] Agenda: Review and Final Meeting [0169395#]
Subject: Metadata Distribution Subcommittee of TAC
List archive
- From: John Krienke <>
- To: "" <>
- Subject: Re: [md-distro] Agenda: Review and Final Meeting [0169395#]
- Date: Thu, 16 Jan 2014 18:21:50 +0000
- Accept-language: en-US
I appreciate the discussion and the importance of precision. However, I'll
note that we just concluded the review dissuasion on the last call. For
context, I'll note that the audience for this report is the TAC, and TAC
members present on this committee can clarify these terminology points if
needed when the time comes.
The continued discussion indicates a healthy concern for the material that we
all value. At the same time, I'll wield my prerogative as chair to formally
conclude the discussion of Phase 2 Recommendations.
john.
On Jan 16, 2014, at 12:55 PM, Joe St Sauver
<>
wrote:
> Tom commented:
>
> #That RFC is obsolete but in any case...
>
> MY RFC foo has been in disarray lately because the RFC server that I
> always used, and which appears at the top of the Google results (at least
> in my "search bubble") has been refusing queries lately. Sorry. Assume
> "substitute the latest/greatest RFC, if the mentioned one has been
> obsoleted" (I always have this same problem with RFC822, FWIW, too,
> even though I KNOW that RFC2822 is what I "meant")
>
> #to this:
> #
> #"a self-signed X.509v3 certificate containing a public key"
>
> Much better.
>
> #Joe, to understand why your suggestion is actually a step in reverse,
> #you have to go back to Phase 1 and recall that we've completely
> #eliminated all traces of the legacy X.509 PKI associated with the
> #metadata signing key.
>
> Except for the fact that you're actually using a X.509v3 cert. :-)
>
> #>>(btw, if you try to go to https://md.incommon.org/certs/inc-md-cert.pem
> #>>you get a cert error, because that host uses a cert that's only valid
> #>>for wayf.incommonfederation.org,
> #>
> #> I don't think the TLS option was on the table, based on the last round of
> #> conversation about this on TAC, but I'd have to go back and look.
> #
> #Right, this is still an open question. IJ and I need to consider our
> #options and then I promised TAC I would bring this issue back for
> #further discussion and eventual resolution.
>
> Remember, if the IETF httpbis chair gets his way, ALL http will be
> encrypted.
>
> :-)
>
> Regards,
>
> Joe
- Re: [md-distro] Agenda: Review and Final Meeting [0169395#], Joe St Sauver, 01/16/2014
- Re: [md-distro] Agenda: Review and Final Meeting [0169395#], Tom Scavo, 01/16/2014
- Re: [md-distro] Agenda: Review and Final Meeting [0169395#], John Krienke, 01/16/2014
Archive powered by MHonArc 2.6.16.