On 11/28/2013 3:47 AM, Norbert Bollow wrote:
Yes, end-to-end encryption is absolutely essential.
But protecting "who communicated with whom" data, which can also be
highly sensistive, requires further steps in addition to end-to-end
encryption.
I've been skeptical about the avid focus on using TLS, because it isn't
end-to-end. Object-based mechanisms, like PGP or TLS, are what's
needed for that.
Then it was pointed out exactly the above, namely that these mechanisms
protect little or none of the meta-data, whereas TLS does protect it
(except within transit nodes, between TLS sessions, of course)
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
