This NIST workshop<https://www.nccoe.nist.gov/events/virtual-workshop-challenges-compliance-operations-and-security-tls-13> is investigating the exact problem discussed on this thread. Several types of solutions have been proposed there.
Cheers, Andrei From: TLS <tls-boun...@ietf.org> On Behalf Of Darin Pettis Sent: Monday, May 17, 2021 2:04 PM To: Stephen Farrell <stephen.farr...@cs.tcd.ie> Cc: tls@ietf.org Subject: [EXTERNAL] Re: [TLS] Use-case for non-AEAD ciphers in network monitoring Hi Stephen, Thanks for the quick reply as I know it is getting late in Ireland. I’m sure you do remember the conversation as you spent a lot of time at the microphone around it. :-) It is certainly not an easy question to answer but this group comprises the smartest people that I know!! Surely someone must be up for the challenge as fully half of the people in that London hall voiced the need for it. Furthermore, when the day comes that TLS 1.2 can’t be used anymore, for whatever the reason, this need is going to come racing down the tracks… So, while everyone is breathing easy right now, it would be great to address the need proactively. Respectfully, Darin On Mon, May 17, 2021 at 3:48 PM Stephen Farrell <stephen.farr...@cs.tcd.ie<mailto:stephen.farr...@cs.tcd.ie>> wrote: Hiya, On 17/05/2021 21:33, Darin Pettis wrote: > TLS 1.3 did a great job regarding safety of data on the Internet. For the > next version, let’s focus on how to best meet this used case I think we had this discussion a few years ago. There is no sensible boundary at which TLS can apply different cryptographic treatment. There were also many many other points raised at that time that I don't think we'll benefit from repeating. Cheers, S.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
