Thilo Molitor <[email protected]> writes: >> and doesn't work with TLS 1.3, so tls-unique requires TLS 1.2 which is >> generally less secure than TLS 1.3. > Where do you take that from? Afaik TLS 1.2 isn't less secure than TLS 1.3 > (but > a bit slower regarding connection establishment). But if you could provide > some pointers, I would be happy to be corrected.
Granted, this isn't a binary "full security" or "no security" difference, but a balance, but still I would put up a red flag at anyone chosing TLS 1.2 while rejecting TLS 1.3. Some references: https://tolumichael.com/is-tls-1-2-deprecated-key-difference-from-tls-1-3/ https://software.land/tls-1.2-vulnerability/ https://developer.mozilla.org/en-US/docs/Web/Security/Transport_Layer_Security#tls_1.3 /Simon > -tmolitor > > >> >> Daniel Gultsch <[email protected]> writes: >> > Hi, >> > >> > with my editor hat on please note that a new version of this XEP has >> > been published that should address some of the concerns. >> > Also with my editor hat on I’m taking the liberty to extend the LC by >> > another week to give people time to review the new version. >> > >> > With my council hat on I’m considering the endpoint v exporter >> > concerns addressed. This is both due to the new Business rules that >> > clearly outline the benefits of a common (minimum) binding mechanism >> > and due to some discussions that happened in the kitten WG. The >> > (somewhat related) discussion on Kitten revolved around deprecating >> > endpoint in favor exporter at which multiple people spoke out against >> > this. >> > >> > cheers >> > Daniel >> > _______________________________________________ >> > Standards mailing list -- [email protected] >> > To unsubscribe send an email to [email protected] > > > _______________________________________________ > Standards mailing list -- [email protected] > To unsubscribe send an email to [email protected]
signature.asc
Description: PGP signature
_______________________________________________ Standards mailing list -- [email protected] To unsubscribe send an email to [email protected]
