W3C home > Mailing lists > Public > public-webappsec@w3.org > December 2014

Re: Public Key Pinning (was Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure)

From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 27 Dec 2014 18:51:39 -0500
Message-ID: <CAH8yC8mEe_tb9R+pjat3BfPdFhwOrMU5OVW-WgEWn5TT7FKFKQ@mail.gmail.com>
To: rsleevi@chromium.org
Cc: security-dev <security-dev@chromium.org>, "public-webappsec@w3.org" <public-webappsec@w3.org>, blink-dev <blink-dev@chromium.org>, "dev-security@lists.mozilla.org" <dev-security@lists.mozilla.org>, WebCrypto Comments <public-webcrypto-comments@w3.org>, "public-webcrypto@w3.org" <public-webcrypto@w3.org>
On Sat, Dec 27, 2014 at 6:20 PM, Ryan Sleevi <rsleevi@chromium.org> wrote:
> ...
> You seem to be operating from quite a bit of confusion about pinning or how
> it works, and from that have drawn a number or inaccurate

I think I have quite a good idea about how pinning works. I was using
it as a security control long before the draft was proposed to the

> (and, in some
> cases, inflammatory) conclusions.

Well, I'm not sure what to say. If holding leaders responsible, then I
am guilty as charged.

> Rather than cross-posting to a variety of lists on an unrelated thread,
> perhaps it best to continue the discussions in the IETF.

My apologies to other lists. I'm going to add WebCrypto to this one
since the reply below seems very relevant.

> There is no shadowy committee politiking for compromise waiting for you
> there - it was simply a bad and inherently inconsistent idea removed,
> recognized as such by technically savvy people during the process of
> standardizing.

Oh, the irony of your earlier ad hominem claims. The best I can tell,
you been running rough shot over every group you've been a member of.
When someone disagrees with you, you regress precisely into personal
attacks. Your behavior has particularly distasteful on WebCrypto, and
you've been criticized quite a few times for it by others.

>From WebCrypto, you probably realized that I try not to engage in the
personal attacks and insults. That seems to have promoted your poor
behavior. I suppose I'm partially to blame because I allowed it to
happen in an effort to improve harmony. My apologies for that.

Received on Saturday, 27 December 2014 23:52:10 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:44 UTC