On 19/06/11 9:47 PM, Jon Callas wrote:
Why not send *all* your network traffic over TLS?
On 2011-06-22 7:14 AM, Ian G wrote:
The typical reasons for not using TLS would be (a) it's a
stream-oriented point-to-point protocol, whereas most activity is
app-level datagram-oriented, (b) it's too closely linked with PKI / X.509
implementations, which is too clumsy in many ways, and (c) it only
delivers a relatively small subset of a fuller security model.
Which theory of course only makes any sense if one is prepared to
compete with TLS and do it all properly.
The time is long overdue for an encryption protocol that is not layered
on top of TCP, and which has protocol negotiation built in.
_______________________________________________
cryptography mailing list
http://lists.randombit.net/mailman/listinfo/cryptography