On Nov 19, 2013, at 2:28 AM, Stephane Bortzmeyer <[email protected]> wrote:
> On Tue, Nov 19, 2013 at 11:24:50AM +0100,
> Eliot Lear <[email protected]> wrote
> a message of 20 lines which said:
>
>> OE may have other very valid uses
>
> The problem is not with the concept, it is with the
> words. "opportunistic encryption" is used in many places but poorly
> defined and many fights erupt because people do not actually
> understand the same thing when they hear "opportunistic encryption".
>
> What I suggest is to stop using this term and instead to say:
>
> 1) "Encryption on demand" Encryption without a peer-specific
> arrangement. This is the meaning used in RFC 4322. Can be safe.

I believe that this is what 4322 calls an "opportunistic tunnel" as compared to a "configured tunnel". Is there a reason to call it something else?

> 2) "Encryption without authentication". This is the meaning used in RFC
> 5386. Safe only against a purely passive attacker.
>
> 3) "Encryption with a fallback" (to unencrypted mode). This is the
> Wikipedia definition. Certainly unsafe.
_______________________________________________
ietf-privacy mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ietf-privacy
