Public Key Pinning Extension for HTTP
RFC 7469

Revision differences

Document history

Date Rev. By Action
2015-10-14
21 (System) Notify list changed from websec-chairs@ietf.org, draft-ietf-websec-key-pinning@ietf.org to (None)
2015-04-19
21 (System) RFC published
2015-02-26
21 (System) RFC Editor state changed to AUTH48-DONE from AUTH48
2015-02-20
21 (System) RFC Editor state changed to AUTH48 from RFC-EDITOR
2015-02-18
21 (System) RFC Editor state changed to RFC-EDITOR from EDIT
2015-01-16
21 (System) RFC Editor state changed to EDIT from MISSREF
2014-10-14
21 Amy Vezza IESG state changed to RFC Ed Queue from Approved-announcement sent
2014-10-13
21 (System) RFC Editor state changed to MISSREF
2014-10-13
21 (System) Announcement was received by RFC Editor
2014-10-13
21 (System) IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor
2014-10-13
21 (System) IANA Action state changed to Waiting on RFC Editor from Waiting on Authors
2014-10-13
21 (System) IANA Action state changed to Waiting on Authors from In Progress
2014-10-13
21 (System) IANA Action state changed to In Progress
2014-10-13
21 Barry Leiba Notification list changed to : websec-chairs@tools.ietf.org, draft-ietf-websec-key-pinning@tools.ietf.org
2014-10-13
21 Amy Vezza IESG state changed to Approved-announcement sent from Approved-announcement to be sent
2014-10-13
21 Amy Vezza IESG has approved the document
2014-10-13
21 Amy Vezza Closed "Approve" ballot
2014-10-13
21 Amy Vezza Ballot approval text was generated
2014-10-11
21 Barry Leiba IESG state changed to Approved-announcement to be sent from IESG Evaluation::AD Followup
2014-10-11
21 Kathleen Moriarty [Ballot comment]
Thanks for the adjustments to address my concerns/questions.
2014-10-11
21 Kathleen Moriarty [Ballot Position Update] Position for Kathleen Moriarty has been changed to No Objection from Discuss
2014-10-09
21 Stephen Farrell
[Ballot comment]

Thanks for clearing up my discuss points. One possible
remaining nit though:

- In 2.2 you say: "(1) the processing rules for HTTP ...
2014-10-09
21 Stephen Farrell [Ballot Position Update] Position for Stephen Farrell has been changed to Yes from Discuss
2014-10-08
21 Ted Lemon
[Ballot comment]
I've cleared my DISCUSS.  For the record, here it is, but there is no further action required:

This mechanism relies on ...
2014-10-08
21 Ted Lemon [Ballot Position Update] Position for Ted Lemon has been changed to No Objection from Discuss
2014-10-05
21 Ryan Sleevi New version available: draft-ietf-websec-key-pinning-21.txt
2014-08-23
20 Stephen Farrell
[Ballot discuss]

-20 doesn't cover this, the WG are on the job apparently

-- my discuss

Good doc. Two things I'd like to check ...
2014-08-23
20 Stephen Farrell Ballot discuss text updated for Stephen Farrell
2014-08-18
20 Gunter Van de Velde Closed request for Telechat review by OPSDIR with state 'No Response'
2014-08-15
20 Tero Kivinen Closed request for Early review by SECDIR with state 'No Response'
2014-08-12
20 Barry Leiba Changed consensus to Yes from Unknown
2014-08-07
20 Chris Palmer IANA Review state changed to Version Changed - Review Needed from IANA - Not OK
2014-08-07
20 Chris Palmer New version available: draft-ietf-websec-key-pinning-20.txt
2014-08-07
19 Cindy Morgan IESG state changed to IESG Evaluation::AD Followup from IESG Evaluation
2014-08-07
19 Joel Jaeggli [Ballot Position Update] New position, No Objection, has been recorded for Joel Jaeggli
2014-08-07
19 Ted Lemon
[Ballot discuss]
This mechanism relies on there being no MiTM attack from a compromised signing key either prior to a legitimate pinning, or in a ...
2014-08-07
19 Ted Lemon [Ballot Position Update] New position, Discuss, has been recorded for Ted Lemon
2014-08-07
19 Stephen Farrell
[Ballot discuss]

Good doc. Two things I'd like to check before moving to a yes
ballot:

(1) 2.1 - Can a simple-directive start with ...
2014-08-07
19 Stephen Farrell
[Ballot comment]

abstract and elswhere: SubjectPublicKeyInfo doesn't usually
have spaces between the terms. No big deal. After the abstract
would a ref to 5280 ...
2014-08-07
19 Stephen Farrell [Ballot Position Update] New position, Discuss, has been recorded for Stephen Farrell
2014-08-07
19 (System) IANA Review state changed to IANA - Not OK from Version Changed - Review Needed
2014-08-06
19 Spencer Dawkins [Ballot Position Update] New position, No Objection, has been recorded for Spencer Dawkins
2014-08-06
19 Kathleen Moriarty
[Ballot discuss]
Overall the draft is very good, thank you for writing it.  I just wanted to discuss some of the security/privacy considerations ...
2014-08-06
19 Kathleen Moriarty
[Ballot comment]
I agree with Richard's comment that the document is well written and an important document, thank you for writing it.  The ...
2014-08-06
19 Kathleen Moriarty [Ballot Position Update] New position, Discuss, has been recorded for Kathleen Moriarty
2014-08-06
19 Jari Arkko [Ballot Position Update] New position, No Objection, has been recorded for Jari Arkko
2014-08-06
19 Richard Barnes
[Ballot comment]
This is an important document, and overall clearly written.  There are a few points that it would be good to clean up ...
2014-08-06
19 Richard Barnes [Ballot Position Update] New position, Yes, has been recorded for Richard Barnes
2014-08-05
19 Alissa Cooper
[Ballot comment]
I agree with Pete's comment about the first sentence.

It would be nice if in Section 5 or 7 some suggestion could ...
2014-08-05
19 Alissa Cooper [Ballot Position Update] New position, Yes, has been recorded for Alissa Cooper
2014-08-05
19 Brian Haberman [Ballot comment]
I agree with Pete's Comments.
2014-08-05
19 Brian Haberman [Ballot Position Update] New position, No Objection, has been recorded for Brian Haberman
2014-08-05
19 Martin Stiemerling [Ballot Position Update] New position, No Objection, has been recorded for Martin Stiemerling
2014-08-04
19 Pete Resnick
[Ballot comment]
1: The first sentence is quite confusing. Might I suggest instead:

  This document defines a new HTTP header that enables user agents ...
2014-08-04
19 Pete Resnick [Ballot Position Update] New position, No Objection, has been recorded for Pete Resnick
2014-08-04
19 Adrian Farrel [Ballot Position Update] New position, No Objection, has been recorded for Adrian Farrel
2014-08-04
19 Barry Leiba Ballot has been issued
2014-08-04
19 Barry Leiba [Ballot Position Update] New position, Yes, has been recorded for Barry Leiba
2014-08-04
19 Barry Leiba Created "Approve" ballot
2014-08-04
19 Barry Leiba IESG state changed to IESG Evaluation from Waiting for AD Go-Ahead
2014-08-01
19 (System) IESG state changed to Waiting for AD Go-Ahead from In Last Call
2014-07-31
19 Elwyn Davies Request for Last Call review by GENART Completed: Ready with Issues. Reviewer: Elwyn Davies.
2014-07-31
19 Jean Mahoney Request for Last Call review by GENART is assigned to Elwyn Davies
2014-07-29
19 (System) IANA Review state changed to IANA - Not OK from IANA - Review Needed
2014-07-29
19 Pearl Liang
IESG/Authors/WG Chairs:

IANA has reviewed draft-ietf-websec-key-pinning-19.  Authors should review the comments and/or questions below.  Please report any inaccuracies and respond ...
2014-07-10
19 Jean Mahoney Request for Last Call review by GENART is assigned to Elwyn Davies
2014-07-07
19 Amy Vezza IANA Review state changed to IANA - Review Needed
2014-07-07
19 Amy Vezza
The following Last Call announcement was sent out:

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
CC: <websec@ietf.org>
Reply-To: ietf ...
2014-07-07
19 Amy Vezza IESG state changed to In Last Call from Last Call Requested
2014-07-06
19 Gunter Van de Velde Request for Telechat review by OPSDIR is assigned to Juergen Quittek
2014-07-06
19 Barry Leiba Ballot writeup was changed
2014-07-04
19 Barry Leiba Notification list changed to : websec-chairs@tools.ietf.org, draft-ietf-websec-key-pinning@tools.ietf.org, websec@ietf.org
2014-07-04
19 Barry Leiba Placed on agenda for telechat - 2014-08-07
2014-07-04
19 Barry Leiba Last call was requested
2014-07-04
19 Barry Leiba Ballot approval text was generated
2014-07-04
19 Barry Leiba Ballot writeup was generated
2014-07-04
19 Barry Leiba I've changed the last call date to 1 Aug.
2014-07-04
19 Barry Leiba IESG state changed to Last Call Requested from AD Evaluation::AD Followup
2014-07-04
19 Barry Leiba Last call announcement was changed
2014-07-04
19 Barry Leiba Last call announcement was generated
2014-07-04
19 Chris Palmer New version available: draft-ietf-websec-key-pinning-19.txt
2014-07-03
18 (System) Sub state has been changed to AD Followup from Revised ID Needed
2014-07-03
18 Chris Palmer New version available: draft-ietf-websec-key-pinning-18.txt
2014-07-03
17 Tero Kivinen Request for Early review by SECDIR is assigned to Melinda Shore
2014-07-03
17 Tero Kivinen Closed request for Early review by SECDIR with state 'Withdrawn'
2014-06-26
17 Barry Leiba Revised I-D needed to address AD review comments that were posted to the websec mailing list.
2014-06-26
17 Barry Leiba IESG state changed to AD Evaluation::Revised I-D Needed from AD Evaluation
2014-06-25
17 Barry Leiba IESG state changed to AD Evaluation from Publication Requested
2014-06-25
17 Yoav Nir
Summary
=======

This document is a product of the WebSec working group intended to be
published as a standards-track RFC. Yoav Nir is the document
shepherd ...
2014-06-25
17 Yoav Nir State Change Notice email list changed to websec-chairs@tools.ietf.org, draft-ietf-websec-key-pinning@tools.ietf.org
2014-06-25
17 Yoav Nir Responsible AD changed to Barry Leiba
2014-06-25
17 Yoav Nir IETF WG state changed to Submitted to IESG for Publication from WG Document
2014-06-25
17 Yoav Nir IESG state changed to Publication Requested
2014-06-25
17 Yoav Nir IESG process started in state Publication Requested
2014-06-25
17 Yoav Nir Changed document writeup
2014-06-25
17 Yoav Nir Document shepherd changed to Yoav Nir
2014-06-25
17 Yoav Nir Intended Status changed to Proposed Standard from None
2014-06-25
17 Chris Palmer New version available: draft-ietf-websec-key-pinning-17.txt
2014-06-25
16 Chris Palmer New version available: draft-ietf-websec-key-pinning-16.txt
2014-06-16
15 Chris Palmer New version available: draft-ietf-websec-key-pinning-15.txt
2014-06-12
14 Chris Palmer New version available: draft-ietf-websec-key-pinning-14.txt
2014-05-13
13 Chris Palmer New version available: draft-ietf-websec-key-pinning-13.txt
2014-04-28
12 Chris Palmer New version available: draft-ietf-websec-key-pinning-12.txt
2014-02-07
11 Chris Palmer New version available: draft-ietf-websec-key-pinning-11.txt
2014-02-06
10 Chris Palmer New version available: draft-ietf-websec-key-pinning-10.txt
2013-11-26
09 Chris Palmer New version available: draft-ietf-websec-key-pinning-09.txt
2013-07-11
08 Chris Palmer New version available: draft-ietf-websec-key-pinning-08.txt
2013-07-08
07 Chris Palmer New version available: draft-ietf-websec-key-pinning-07.txt
2013-07-05
06 Tero Kivinen Request for Early review by SECDIR is assigned to Julien Laganier
2013-06-18
06 Chris Palmer New version available: draft-ietf-websec-key-pinning-06.txt
2013-06-06
05 Chris Palmer New version available: draft-ietf-websec-key-pinning-05.txt
2012-12-06
04 Chris Palmer New version available: draft-ietf-websec-key-pinning-04.txt
2012-10-16
03 Chris Palmer New version available: draft-ietf-websec-key-pinning-03.txt
2012-06-04
02 Chris Palmer New version available: draft-ietf-websec-key-pinning-02.txt
2011-12-09
01 (System) New version available: draft-ietf-websec-key-pinning-01.txt
2011-11-30
00 (System) New version available: draft-ietf-websec-key-pinning-00.txt