I read the Cloudflare section on middleboxes and I wonder if it was really a good idea for them to go making changes to allow for existing boxes to do that. They are not legitimate parties to a TLS connection and browsers and websites should not have to change how they communicate to deal with their nonsense. They should just break.
On Wed, 7 Mar 2018, 05:05 Pine W, <wiki.p...@gmail.com> wrote: > I'm no expert on TLS 1.3, but I thought that other folks on Wikitech-l > might be interested in the industry news about the subject. The relevant > WMF Phabricator task is https://phabricator.wikimedia.org/T170567. > > Articles: > > * "An Overview of TLS 1.3 – Faster and More Secure": > https://kinsta.com/blog/tls-1-3/ > > * "Why TLS 1.3 isn't in browsers yet": > https://blog.cloudflare.com/why-tls-1-3-isnt-in-browsers-yet/ > > * "Big banks want to weaken the internet’s underlying security protocol": > https://www.cyberscoop.com/tls-1-3-weakness-financial-industry-ietf/. WMF > employees who do advocacy work might be interested in this article, which > is why I'm sending this email to WMF Legal. > > Regards, > > Pine > ( https://meta.wikimedia.org/wiki/User:Pine ) > _______________________________________________ > Wikitech-l mailing list > Wikitech-l@lists.wikimedia.org > https://lists.wikimedia.org/mailman/listinfo/wikitech-l _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
