New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
IP address reference identities #685
Conversation
2c8f2a6
to
1eba27d
Compare
This is how it works in practice. RFC 6125 is due for an update, I guess. iPAddress subjectAltName has been supported for years and years, but it never managed to capture it properly. This is definitely a big change in that it now outlaws CN-ID. And the definition of IP-ID here is probably overreach, but I don't see how we can avoid that. I don't want to update RFC 6125 here (as much as it needs updating), so making the definition standalone seemed like the right way to handle it. Closes httpwg#680.
1eba27d
to
9be0301
Compare
Co-authored-by: Julian Reschke <julian.reschke@gmx.de>
Co-authored-by: Julian Reschke <julian.reschke@gmx.de>
Co-authored-by: Roy T. Fielding <fielding@gbiv.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'll trust @martinthomson :-)
Co-authored-by: Julian Reschke <julian.reschke@gmx.de>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry for the late comment; apparently my github notifications aren't set to send me email when a new PR references an issue I'm watching.
<section title="IP-ID reference identity" anchor="https.ip-id"> | ||
<t> | ||
A server that is identified using an IP address literal in the "host" field | ||
of an "https" URI has a reference identity of type IP-ID. An IP version 4 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I note that in the recently approved draft-ietf-dtn-tcpclv4, we used the term IPADDR-ID for the iPAddress SAN.
If we think that IP-ID is better, I can try to reach out to get the DTN doc changed during AUTH48 to be consistent.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks!
Make reference to Caching less specific editorial semantics httpwg/http-core#746 Clarify status code range semantics httpwg/http-core#717 IP address reference identities httpwg/http-core#685 Try to better define "strong" encryption httpwg/http-core#695 Use overwrite rather than "white out" editorial semantics httpwg/http-core#699 A content-type converts abstract data into bits semantics httpwg/http-core#702 Cite conditional requests in 412 definition httpwg/http-core#721 Clarify that selection between multiple acceptable codings is only relevant when some of the acceptable ones are redundant editorial semantics httpwg/http-core#720 Values of newly defined fields should only use VCHAR/SP/HTAB editorial semantics httpwg/http-core#718 move paragraph about delimiters down editorial semantics httpwg/http-core#716 Remove 6919 language editorial has-proposal semantics httpwg/http-core#693
This is how it works in practice.
RFC 6125 is due for an update, I guess. iPAddress subjectAltName has been
supported for years and years, but it never managed to capture it properly.
This is definitely a big change in that it now outlaws CN-ID. And the
definition of IP-ID here is probably overreach, but I don't see how we can
avoid that. I don't want to update RFC 6125 here (as much as it needs
updating), so making the definition standalone seemed like the right way to
handle it.
Closes #680.