ound approach is (2).
> IMHO it isn't prohibitively expensive either.
>
> Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network.
> Original Message
> From: Björn Tackmann
> Sent: Tuesday, June 14, 2016 05:23
> To: tls@ietf.org
> Subject: Re: [TLS] Con
+1
> On Jun 14, 2016, at 7:08 AM, Karthikeyan Bhargavan
> wrote:
>
> I prefer (2)
>
>> On 13 Jun 2016, at 22:27, Daniel Kahn Gillmor wrote:
>>
>> On Mon 2016-06-13 15:00:03 -0400, Joseph Salowey wrote:
>>> 1. Use the same key for
protecting against traffic analysis).
I’m totally in for protecting user privacy. I simply believe that we should
first specify what we want, then see whether we can achieve it, and then build
the mechanism that does it.
Cheers,
Bjoern
--
Björn Tackmann
Postdoctoral Research Scholar
Computer Sci
disabled, and
trial-decrypt. This is messier than both of the above, but seems a possible
compromise between modularity and privacy.
What do you think?
Thanks & best,
Björn
[1]
http://www.internetsociety.org/events/ndss-symposium-2016/tls-13-ready-or-not-tron-workshop-programme
--
Björn
> On Sep 23, 2015, at 4:17 PM, Jeffrey Walton wrote:
>
>> IMHO, compression adds too many security vulnerabilities to a general
>> purpose secure communication protocol. I think TLS 1.3 is right in
>> eliminating it. It is too big a foot gun.
>
> To play devil's advocate: