that will, perhaps sooner
than we might expect, be deprecated.
-Andrew
-Original Message-
From: Yaron Sheffer [mailto:yaronf.i...@gmail.com]
Sent: Friday, September 23, 2016 3:52 PM
To: BITS Security <bitssecur...@fsroundtable.org>; Watson Ladd
<watsonbl...@gmail.com>; Ackerm
onbl...@gmail.com]
Sent: Thursday, September 22, 2016 3:06 PM
To: BITS Security <bitssecur...@fsroundtable.org>
Cc: tls@ietf.org
Subject: Re: [TLS] Industry Concerns about TLS 1.3
On Thu, Sep 22, 2016 at 10:19 AM, BITS Security <bitssecur...@fsroundtable.org>
wrote:
> To: IETF TL
ilto:xiaoyi...@outlook.com]
Sent: Friday, September 23, 2016 5:00 PM
To: BITS Security <bitssecur...@fsroundtable.org>; Salz, Rich
<rs...@akamai.com>; nalini.elk...@insidethestack.com
Cc: tls@ietf.org
Subject: Re: [TLS] Industry Concerns about TLS 1.3
Andrew,
I don't understand wh
body (like large
credit card companies in the case of PCI).
-Andrew
-Original Message-
From: Peter Bowen [mailto:pzbo...@gmail.com]
Sent: Friday, September 23, 2016 7:18 PM
To: BITS Security <bitssecur...@fsroundtable.org>
Cc: Yaron Sheffer <yaronf.i...@gmail.com>;
Thanks
>>
>> Mike
>>
>>
>>
>> -Original Message-
>> From: Jeffrey Walton [mailto:noloa...@gmail.com]
>> Sent: Friday, September 23, 2016 10:55 AM
>> To: Ackermann, Michael <mackerm...@bcbsm.com>
>> Cc: BITS Security <bit
as the canary in the coalmine... but
here we are now at least.
- Andrew
-Original Message-
From: Florian Weimer [mailto:f...@deneb.enyo.de]
Sent: Wednesday, October 5, 2016 2:17 PM
To: BITS Security <bitssecur...@fsroundtable.org>
Cc: tls@ietf.org
Subject: Re: [TLS] Industry Concerns abo
ncerned about the same unmanageable future they described.
Do Akami, Cloudlflare and Google magically not have these problems?
>
> Thanks
>
> Mike
>
>
>
> -Original Message-----
> From: Jeffrey Walton [mailto:noloa...@gmail.com]
> Sent: Friday, September 23,
Rich (et al.) -- I understand where you are coming from but I will poke a
little bit at this portrayal.
We are not here hat-in-hand asking for a return to RSA key exchange to the
proposed standard. We do however want to raise our concern (and hopefully your
awareness) of what appears to be
To: IETF TLS 1.3 Working Group Members
My name is Andrew Kennedy and I work at BITS, the technology policy division of
the Financial Services Roundtable (http://www.fsroundtable.org/bits). My
organization represents approximately 100 of the top 150 US-based financial
services companies
this functionality, which is a problem
in a TLS 1.3 only environment.
-Andrew
From: Yuhong Bao [mailto:yuhongbao_...@hotmail.com]
Sent: Thursday, September 22, 2016 2:36 PM
To: BITS Security <bitssecur...@fsroundtable.org>; tls@ietf.org
Subject: Re: Industry Concerns about TLS 1.3
Thi
could undermine this solution.
Appreciate it.
- Andrew
-Original Message-
From: Seth David Schoen [mailto:sch...@eff.org]
Sent: Tuesday, September 27, 2016 2:30 PM
To: BITS Security <bitssecur...@fsroundtable.org>
Cc: tls@ietf.org
Subject: Re: [TLS] Industry Concerns
rs.
- Andrew
From: Tony Arcieri [mailto:basc...@gmail.com]
Sent: Tuesday, September 27, 2016 4:17 PM
To: BITS Security <bitssecur...@fsroundtable.org>
Cc: Peter Bowen <pzbo...@gmail.com>; tls@ietf.org
Subject: Re: [TLS] Industry Concerns about TLS 1.3
On Mon, Sep 26, 2016 at 12:
PM
To: BITS Security <bitssecur...@fsroundtable.org>
Cc: Salz, Rich <rs...@akamai.com>; nalini.elk...@insidethestack.com;
tls@ietf.org
Subject: Re: [TLS] Industry Concerns about TLS 1.3
Andrew,
What would probably be most helpful here would be if you tried to describe what
yo
this to our attention.
- Andrew
From: hugok...@gmail.com [mailto:hugok...@gmail.com] On Behalf Of Hugo Krawczyk
Sent: Thursday, September 22, 2016 7:41 PM
To: BITS Security <bitssecur...@fsroundtable.org>
Cc: tls@ietf.org
Subject: Re: [TLS] Industry Concerns about TLS 1.3
If the p
]
Sent: Tuesday, September 27, 2016 2:24 PM
To: BITS Security <bitssecur...@fsroundtable.org>
Cc: Eric Rescorla <e...@rtfm.com>; tls@ietf.org
Subject: Re: [TLS] Industry Concerns about TLS 1.3
On Tue, Sep 27, 2016 at 06:07:28PM +, BITS Security wrote:
> Hi Eric--Thank you
> It seems like we would be rejecting a good opportunity to make what the
> network operators want work in a better and more secure way, while making it
> harder for passive observers and coercive authorities, to use the same
> mechanism for other purposes. What do we gain? beyond a hollow
16 matches
Mail list logo