On Oct 15, 2013, at 1:49 PM, Stephen Kent <[email protected]> wrote:

> Joel,
>> On Oct 14, 2013, at 8:01 AM, Ralf Skyper Kaiser <[email protected]> wrote:
>> 
>>> Hi,
>>> 
>>> I understand the goal of making life harder for state surveillance.
>>> However, I am not willing (personally) to incur any degraded user experience,
>>> premature cell phone battery depletion, etc in order to support this goal.
>>> I suspect, but cannot prove, that most users would express similar feelings.
>> the browser/CA transition from 1024 to 2048 bit certs is ongoing albeit done 
>> soon. That's a cost that everyone is paying for whether they know it or not… 
>> We therefore have an internet scale existence proof.
> Which RFC mandated this? My guess is NONE.
> 

the recommendation comes from NIST 800-131A and 800-57. I'd link to them if the 
NIST website were up but it isn't.

> This represents a decision by a set of CAs and browser vendors, external to
> the IETF, to improve security.

I'm not particularly enamoured of the idea that the IETF is the sole or even 
principal arbiter of industry consensus, so let's assume that it isn't. Whether 
you want to pay the CPU consumption tax or not, there's enough industry 
consensus on the subject that you don't have a choice.

> That's fine, but it is also not representative of many
> of the suggested mechanisms that have been proposed on this list, by some folks.


> Steve
> 


_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
