
Re: Indicating Chosen Service #443

From: Erik Nygren <erik@nygren.org>
Date: Fri, 25 Apr 2014 14:08:49 -0400
Message-ID: <CAKC-DJi=n9TXYLjXydK148HG4Lsqrx3_piasMyh+wd-u+iX17A@mail.gmail.com>
To: Martin Thomson <martin.thomson@gmail.com>
Cc: Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>

On Fri, Apr 25, 2014 at 2:05 PM, Martin Thomson <martin.thomson@gmail.com> wrote:

> That's the extreme option.  I'm thinking that we might just be able to
> scrub the expiry time and maybe even allow the first domain component
> to be replaced with '*', so that wildcard certificate owners are
> unable to use 'somehighentropylabel.example.com' as their ALTSVC in
> the interests of tracking.  I need to think about that last one a
> little more, it might be that it's overkill.
>

Given that the ALTSVC name isn't associated with the cert name, the
highentropylabel could exist across multiple labels.  There are also
legitimate uses for wanting to know the first domain component (e.g., if it
is routing information or the name of the server cluster the user was sent
to).
Received on Friday, 25 April 2014 18:09:16 UTC
