idnits 2.17.00 (12 Aug 2021)

/tmp/idnits41235/draft-linus-trans-gossip-transport-https-00.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == The document seems to lack the recommended RFC 2119 boilerplate, even if
     it appears to use RFC 2119 keywords.

     (The document does seem to have the reference to RFC 2119 which the
     ID-Checklist requires).

  -- The document date (October 27, 2014) is 2763 days in the past.  Is this
     intentional?

  Checking references for intended status: Experimental
  ----------------------------------------------------------------------------

  == Unused Reference: 'RFC0822' is defined on line 132, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC2119' is defined on line 135, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC2246' is defined on line 138, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC4346' is defined on line 154, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC5246' is defined on line 157, but no explicit
     reference was found in the text

  ** Obsolete normative reference: RFC 822 (Obsoleted by RFC 2822)

  ** Obsolete normative reference: RFC 2246 (Obsoleted by RFC 4346)

  ** Obsolete normative reference: RFC 2459 (Obsoleted by RFC 3280)

  ** Obsolete normative reference: RFC 2616 (Obsoleted by RFC 7230, RFC 7231,
     RFC 7232, RFC 7233, RFC 7234, RFC 7235)

  ** Obsolete normative reference: RFC 4346 (Obsoleted by RFC 5246)

  ** Obsolete normative reference: RFC 5246 (Obsoleted by RFC 8446)

  -- Obsolete informational reference (is this intentional?): RFC 6962
     (Obsoleted by RFC 9162)

     Summary: 6 errors (**), 0 flaws (~~), 7 warnings (==), 2 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

2   TRANS                                                        L. Nordberg
3   Internet-Draft                                                  NORDUnet
4   Intended status: Experimental                           October 27, 2014
5   Expires: April 30, 2015

7                     Transparency Gossip HTTPS transport
8                 draft-linus-trans-gossip-transport-https-00

10  Abstract

12     This document specifies a [draft-linus-trans-gossip] transport
13     protocol for sending Transparency Gossip messages over https.

15  Status of This Memo

17     This Internet-Draft is submitted in full conformance with the
18     provisions of BCP 78 and BCP 79.

20     Internet-Drafts are working documents of the Internet Engineering
21     Task Force (IETF).  Note that other groups may also distribute
22     working documents as Internet-Drafts.  The list of current Internet-
23     Drafts is at http://datatracker.ietf.org/drafts/current/.

25     Internet-Drafts are draft documents valid for a maximum of six months
26     and may be updated, replaced, or obsoleted by other documents at any
27     time.  It is inappropriate to use Internet-Drafts as reference
28     material or to cite them other than as "work in progress."

30     This Internet-Draft will expire on April 30, 2015.

32  Copyright Notice

34     Copyright (c) 2014 IETF Trust and the persons identified as the
35     document authors.  All rights reserved.

37     This document is subject to BCP 78 and the IETF Trust's Legal
38     Provisions Relating to IETF Documents
39     (http://trustee.ietf.org/license-info) in effect on the date of
40     publication of this document.  Please review these documents
41     carefully, as they describe your rights and restrictions with respect
42     to this document.  Code Components extracted from this document must
43     include Simplified BSD License text as described in Section 4.e of
44     the Trust Legal Provisions and are provided without warranty as
45     described in the Simplified BSD License.

47  Table of Contents

49     1.  Introduction
50     2.  Sending and receiving
51     3.  Message format and processing
52     4.  Security considerations
53     5.  IANA considerations
54     6.  Contributors
55     7.  References
56       7.1.  Normative References
57       7.2.  Informative References
58     Author's Address

60  1.  Introduction

62     Using web servers as "gossip pools" is expected to be helpful for
63     transparency gossiping, especially for [RFC6962].

65     Web browsers can act as an HTTPS transport, sending and receiving
66     gossip messages to web servers it connects to for other reasons than
67     gossiping.

69     HTTPS transports that don't have connections to web servers for other
70     reasons than gossiping may connect to web servers known to support
71     gossiping.  They can be known by configuration or by other
72     mechanisms.  This document does not specify such mechanisms.

74  2.  Sending and receiving

76     Gossip messages may contain sensitive information and MUST NOT be
77     sent over connections which are not encrypted as described in
78     [RFC2817] or [RFC2818] using TLS version 1.0 or higher.  When
79     applicable the server SHOULD be authenticated using X.509
80     certificates as described in [RFC2459] or by other means.

82     HTTPS gossip messages are sent in [RFC2616] message headers with the
83     field-name "TransGossip".

85     An HTTPS transport

87     o  SHOULD send gossip messages to HTTP servers that have indicated
88        that they accept gossip by sending an HTTP response-header
89        "TransGossipEnabled" with the value "Yes"

91     o  MAY send gossip messages to HTTP servers that haven't indicated
92        willingness to accept gossip

94     o  MUST NOT send gossip messages to HTTP servers that have indicated
95        that they don't accept gossip by sending an HTTP response-header
96        "TransGossipEnabled" with the value "No"

98  3.  Message format and processing

100    Messages are strings of US-ASCII data on the following form:

102    ::

104    'protocol-version' is the version number of the protocol in decimal.
105    This version is 0.

107    'log-id' and 'gossip-data' are as defined in the GOSSIP-MSG of
108    [draft-linus-trans-gossip].  Note that 'gossip-data' is
109    base64-encoded.

111    Messages MUST be processed according to [draft-linus-trans-gossip].

113    [FIXME are there any http specific processing rules to be added?]

115 4.  Security considerations

117    TBD

119 5.  IANA considerations

121    TBD

123 6.  Contributors

125    The author would like to thank Ben Laurie for their valuable
126    contributions.

128 7.  References

130 7.1.  Normative References

132    [RFC0822]  Crocker, D., "Standard for the format of ARPA Internet
133               text messages", STD 11, RFC 822, August 1982.

135    [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
136               Requirement Levels", BCP 14, RFC 2119, March 1997.

138    [RFC2246]  Dierks, T. and C. Allen, "The TLS Protocol Version 1.0",
139               RFC 2246, January 1999.

141    [RFC2459]  Housley, R., Ford, W., Polk, T., and D. Solo, "Internet
142               X.509 Public Key Infrastructure Certificate and CRL
143               Profile", RFC 2459, January 1999.

145    [RFC2616]  Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
146               Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext
147               Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.

149    [RFC2817]  Khare, R. and S. Lawrence, "Upgrading to TLS Within
150               HTTP/1.1", RFC 2817, May 2000.

152    [RFC2818]  Rescorla, E., "HTTP Over TLS", RFC 2818, May 2000.

154    [RFC4346]  Dierks, T. and E. Rescorla, "The Transport Layer Security
155               (TLS) Protocol Version 1.1", RFC 4346, April 2006.

157    [RFC5246]  Dierks, T. and E. Rescorla, "The Transport Layer Security
158               (TLS) Protocol Version 1.2", RFC 5246, August 2008.

160    [draft-linus-trans-gossip]
161               "Transparency Gossip", n.d..

163 7.2.  Informative References

165    [RFC6962]  Laurie, B., Langley, A., and E. Kasper, "Certificate
166               Transparency", RFC 6962, June 2013.

168 Author's Address

170    Linus Nordberg
171    NORDUnet

173    Email: linus@nordu.net
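
Added example (not part of the draft or of the idnits output): a sketch of the Section 2 sending rules and the Section 3 message checks as a client might apply them. The function names are hypothetical, and the field layout "protocol-version:log-id:gossip-data" is an assumption, since the form line in this copy shows only "::"; 'log-id' is treated as an opaque printable ASCII token.

```python
import base64
from enum import Enum

PROTOCOL_VERSION = 0  # Section 3: "This version is 0."

class Decision(Enum):
    SEND = "send"          # server sent TransGossipEnabled: Yes (SHOULD)
    OPTIONAL = "optional"  # no indication from the server (MAY)
    REFUSE = "refuse"      # unencrypted, or TransGossipEnabled: No (MUST NOT)

def gossip_decision(connection_encrypted, response_headers):
    """Apply the Section 2 rules to one server's most recent response."""
    if not connection_encrypted:
        return Decision.REFUSE
    # HTTP field names are case-insensitive, so normalise before lookup.
    headers = {k.lower(): v.strip() for k, v in response_headers.items()}
    enabled = headers.get("transgossipenabled")
    if enabled == "No":
        return Decision.REFUSE
    if enabled == "Yes":
        return Decision.SEND
    # Absent or unrecognised value: local policy decides (design choice here).
    return Decision.OPTIONAL

def encode_message(log_id, gossip_data):
    """Build a TransGossip field value (assumed layout, see lead-in)."""
    ok = log_id and log_id.isascii() and log_id.isprintable() and ":" not in log_id
    if not ok:
        # Also keeps CR/LF out of the header value.
        raise ValueError("log-id must be printable US-ASCII without ':'")
    b64 = base64.b64encode(gossip_data).decode("ascii")
    return f"{PROTOCOL_VERSION}:{log_id}:{b64}"

def decode_message(value):
    """Parse and validate a received TransGossip field value."""
    if not value.isascii():
        raise ValueError("message is not US-ASCII")
    parts = value.split(":", 2)
    if len(parts) != 3:
        raise ValueError("expected three ':'-separated fields")
    version, log_id, b64 = parts
    if version != str(PROTOCOL_VERSION):
        raise ValueError(f"unsupported protocol-version {version!r}")
    if not log_id:
        raise ValueError("empty log-id")
    # validate=True rejects characters outside the base64 alphabet.
    return log_id, base64.b64decode(b64, validate=True)
```

The decoded 'gossip-data' still has to be processed according to [draft-linus-trans-gossip]; this sketch only covers the HTTPS transport checks.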