Anne & Lynn Wheeler <[EMAIL PROTECTED]> writes:
> At 12:09 PM 10/7/2003 -0700, Eric Rescorla wrote:
> >This doesn't provide equivalent services to TLS--no anti-replay
> >service for the server.
>
> KISS ... for the primary business requirement .... the application
> already has anti-replay .... TLS ant-replay is then redundant and
> superfluous.
>
> yes, it isn't existing TLS .... it is KISS TLS based on primary
> business requirement ... as mentioned in original, not on existing
> specification for existing implementation
But calling it "KISS TLS" is very inaccurate, since it
doesn't provide equivalent security guarantees. What you're
proposing doesn't really have any connection to TLS.
> Making it significantly more simple and lightweight might encourage it
> to be used more extensively.
Extensive performance analysis shows that the performance cost
in TLS is cryptography, not message passing. Your suggestion
doesn't improve that much at all.
-Ekr
--
[Eric Rescorla [EMAIL PROTECTED]
http://www.rtfm.com/
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
