Hi all, I noticed that draft-ietf-taps-transports-xx had a section about TLS. This makes sense as it provides an end-to-end encryption feature. However, this is not all. TLS also provides mechanisms for the authentication of endpoints (through, e.g., certificates or shared keys).
This is not a feature that is usually found in transport protocols, or at least the others being reviewed. Hence my question: where shall we stop when considering transport features? Does authentication have its place there, or should we rule it out? And if we rule it out, what is the criterion for doing so?

Without much thinking, I think there is value in considering authentication as a transport feature, but I'm afraid this might incur some unneeded complexity. That said, if nobody has spoken up for section 3.8, Ralph Holz (Cc'd) and I would like to volunteer to write it up.

--
Olivier Mehani <[email protected]>
PGP fingerprint: 4435 CF6A 7C8D DD9B E2DE F5F9 F012 A6E2 98C6 6655
Confidentiality cannot be guaranteed on emails sent or received unencrypted.
_______________________________________________
Taps mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/taps
