The SecEvent delivery specifications have been revised to unambiguously require the use of TLS, while preserving descriptions of precautions needed for non-TLS use in non-normative appendices. Thanks to the Security Events and Shared Signals and Events working group members who weighed in on this decision. I believe these drafts are now ready to be scheduled for an IESG telechat.
The updated specifications are available at:
- https://tools.ietf.org/html/draft-ietf-secevent-http-push-12
- https://tools.ietf.org/html/draft-ietf-secevent-http-poll-11
HTML-formatted versions are also available at:
Leave a Reply
You must be logged in to post a comment.