A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : Certificate Pinning Extension for HSTS
Author(s) : Chris Evans
Chris Palmer
Filename : draft-evans-palmer-hsts-pinning-00.txt
Pages : 11
Date : 2011-09-21
This memo describes an extension to the HTTP Strict Transport
Security specification allowing web host operators to instruct UAs to
remember ("pin") hosts' cryptographic identities for a given period
of time. During that time, UAs will require that the host present a
certificate chain including at least one public key whose fingerprint
matches one or more of the pinned fingerprints for that host. By
effectively reducing the scope of authorities who can authenticate
the domain during the lifetime of the pin, we hope pinning reduces
the incidence of man-in-the-middle attacks due to compromised
Certification Authorities and other authentication errors and
attacks.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-evans-palmer-hsts-pinning-00.txt
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
This Internet-Draft can be retrieved at:
ftp://ftp.ietf.org/internet-drafts/draft-evans-palmer-hsts-pinning-00.txt
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
