Hi,
David A. Bryan wrote:
Concern 1: Mandatory TLS/DTLS Inappropriate in some Contexts
I’ve raised this issue before, but I’m hoping that now that people
have had a bit more time to think about all the use cases, see what
it means in the real world, etc., there might be a bit more support
for modifying the requirement for TLS/DTLS. TLS/DTLS makes sense in
some cases, but if we are expecting RELOAD to be reusable, it is
clear to me that it does not make sense in all cases. It was familiar
to the editors, and well understood, so it made sense as a proposal,
but I disagree with it being the mandatory/only solution.
I fully agree with David that making (D)TLS mandatory is not a good
idea, especially concerning re-usability of the protocol in scenarios
where you already have similar security features provided by the
underlying system.
Cheers,
Ari
_______________________________________________
P2PSIP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/p2psip
