- From: Martin Thomson <martin.thomson@gmail.com>
- Date: Thu, 2 Mar 2017 14:25:12 +1100
- To: Mark Nottingham <mnot@mnot.net>
- Cc: Charlie Kaufman <charliekaufman@outlook.com>, "secdir@ietf.org" <secdir@ietf.org>, The IESG <iesg@ietf.org>, HTTP Working Group <ietf-http-wg@w3.org>
>> I believe the answer is that without that restriction there are scenarios where the feature could make it logistically easier to impersonate a server without modifying DNS responses. But more explanation in the document would have been helpful.

That's maybe *part* of the reason, which is to say that I'm not 100% confident that I could write down exactly why in a way that wouldn't be either subtly wrong, or in other ways act as an irritant.

For instance, I think that part of the reason is that it is just so damned easy to get a valid cert that we create more incentives to deploy a server that could do HTTPS, even when that is not possible for other reasons. But then, it's entirely possible that the real reason is subjective.

That's why I agree with Mark:

> I'm a little reluctant to start adding rationale for each requirement en masse at this stage; it feels likely that we'd misrepresent something.
Received on Thursday, 2 March 2017 03:25:47 UTC