I said this about 7 months ago and I still agree that there should be
no mandatory transport layer encryption as this should be provided
outside of the scope of this draft.
Julian
Sent from my iPhone
On Dec 11, 2009, at 5:39 AM, Ari Keranen <[email protected]>
wrote:
Hi,
David A. Bryan wrote:
Concern 1: Mandatory TLS/DTLS Inappropriate in some Contexts
I’ve raised this issue before, but I’m hoping that now that
people have had a bit more time to think about all the use cases,
see what it means in the real world, etc., there might be a bit mo
re support for modifying the requirement for TLS/DTLS. TLS/DTLS ma
kes sense in some cases, but if we are expecting RELOAD to be reus
able, it is clear to me that it does not make sense in all cases.
It was familiar
to the editors, and well understood, so it made sense as a proposal,
but I disagree with it being the mandatory/only solution.
I fully agree with David that making (D)TLS mandatory is not a good
idea, especially concerning re-usability of the protocol in scenarios
where you already have similar security features provided by the
underlying system.
Cheers,
Ari
_______________________________________________
P2PSIP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/p2psip
_______________________________________________
P2PSIP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/p2psip
