I did a bit of an update to [1].
As before PRs are welcome and I (still) wonder if the
WG would benefit from documenting bits of this stuff
as a work item to save time and repetition in future.
S.
[1] https://github.com/sftcd/tinfoil
On 08/10/17 23:35, Blumenthal, Uri - 0553 - MITLL wrote:
> +1 to Stephen.
>
> Regards,
> Uri
>
> Sent from my iPhone
>
>> On Oct 8, 2017, at 18:34, Stephen Farrell wrote:
>>
>>
>>
>>> On 08/10/17 23:22, Eric Rescorla wrote:
>>> You seem to be responding to some other thread.
>>
>> Yep. I changed the subject line.
>>
>> Randy's substantive message however is crystal clear. And is
>> one that WG participants ought take to heart IMO. Pretending
>> that some changes to TLS would magically be limited in scope
>> to so-called "data centres" is BS. I'm really really puzzled
>> that some otherwise sensible folks appear unable to see that.
>>
>> S
>>
>>
>>> As both Adam Langley and I
>>> mentioned, none of the changes that anyone is investigating for reducing
>>> middlebox-induced breakage affect the cryptographic properties of TLS.
>>>
>>> -Ekr
>>>
>>>
On Sun, Oct 8, 2017 at 2:42 PM, Randy Bush wrote:
there are a lot of us lurkers out here a bit horrified watching this wg
go off the rails.
it would help if vendors of devices which break privacy would stop
speaking for 'datacenters' and let datacenters speak for themselves. i
have not seen any doing so. my $dayjob has >10 medium sized datacenters
serving everything from banks to telcos to scaled cloud services. i can
not find folk in our datacenter groups who see a need to break e2e
encryption.
if the interception proposals ensured that user is notified and able to
prevent session interception, then i would believe this. but if they do
not, then let's face it, this is all about selling surveillance gear to
snooping enterprises and repressive regimes where people with guns take
you away at 3am because your session was decoded.
can we please provide real end to end privacy or call this wg something
else?
randy
___
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls