Skip to Content.
Sympa Menu

per-entity - Re: [Per-Entity] supporting metadata distribution via HTTPS

Subject: Per-Entity Metadata Working Group

List archive

Re: [Per-Entity] supporting metadata distribution via HTTPS


Chronological Thread 
  • From: "Cantor, Scott" <>
  • To: Tom Scavo <>, Paul Caskey <>
  • Cc: Per-Entity Metadata Working Group <>
  • Subject: Re: [Per-Entity] supporting metadata distribution via HTTPS
  • Date: Wed, 7 Sep 2016 16:56:57 +0000
  • Accept-language: en-US
  • Authentication-results: spf=pass (sender IP is 164.107.81.218) smtp.mailfrom=osu.edu; incommon.org; dkim=none (message not signed) header.d=none;incommon.org; dmarc=bestguesspass action=none header.from=osu.edu;
  • Ironport-phdr: 9a23:osOZ6xe+bWbxu7fMPG0k0fgelGMj4u6mDksu8pMizoh2WeGdxc65Zx7h7PlgxGXEQZ/co6odzbGJ4+a9AidZvN6oizMrTt9lb1c9k8IYnggtUoauKHbQC7rUVRE8B9lIT1R//nu2YgB/Ecf6YEDO8DXptWZBUj22Dwd+J/z0F4jOlIz3krnqo9yAKzlP0Qa6ZPtJJxyoqk2FqtMNioJ8LY4wzAfEuH1FZ74QyG91cxbbpx/h4o+b9YVg/jUY7+oq/tVDXLTSfqIkQKZeASh8dW05+Zu4mwPESF7FzXIaTmIM1lJzCA/Z8FuyCpz4tDf9rKwn8C6BIIv7Qa1iCmfq1LtiVBK90HRPDDU+6myCz5Uo1K8=
  • Spamdiagnosticmetadata: NSPM
  • Spamdiagnosticoutput: 1:99
On 9/7/16, 12:48 PM,
"
on behalf of Tom Scavo"
<
on behalf of
>
wrote:

> You're preaching to the choir :-) and that's exactly my point. You
> don't have to convince me; you somehow have to convince the average
> deployer. By serving metadata over plain HTTP, we force the issue
> (analogous to publishing front-channel bindings only).

But http isn't the best choice, https with a signature check is. So that's
what should be documented, IMHO. Cut and paste.

I agree strongly that hiding it is a bad idea. Do it or not, but don't try
and have it both ways.

-- Scott



Archive powered by MHonArc 2.6.19.

Top of Page