> Thanks for the draft. As you might guess from earlier discussion > on here, I think the more-than-MTI approach espoused is maybe the > right one, if we can figure out how to state the requirement well. > Have you any ideas on that, or on how we could get towards a > situation where that gained consensus?
Networking standards are promoted by consensus and by network effects. In the absence of some forcing function, "fallback to clear text" gets promoted by network effects, because it is de facto forced by the sites that don't bother deploying the more secure options. The best way to break that is to provide "air cover" for security, e.g. a text in the protocol description RFC that says "nodes requiring a modicum of security SHOULD refuse to use clear text connections." That would effectively turn the tables. Suppose for example that a large enough mail service starts to require TLS for SMTP connections. Many sites who are accustomed to send mail in clear text will initially protest when their mail gets bounced. But if the standard says that yes, they have all right to do that, then the big site has "air cover." "I am not breaking you, I am just following best practice." At this point, you will see more and more sites opting to turn on TLS, and pretty soon the network effects will work in favor of encryption. Of course, to be practical, this requires that sites can easily get a certificate of some kind, PKI or DANE, to actually use TLS... -- Christian Huitema _______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
