On 8/2/14 1:04 AM, "Joe Touch" <[email protected]> wrote:
>
>On 8/1/2014 9:18 PM, Everhart, Craig wrote:
>> You guys. TCP is way more than http/s.
>
>It is, but TLS has been applied to HTTP and POP/IMAP widely; it can
>easily be applied to other uses of TCP as well.
>
>That's a much lower hurdle than coming up with new TCP-level protocols.
>
>Joe
Sorry, I guess I should have re-stated my kernel-space point of view,
where TLS isn't so easy and accessible. Our temptation to say that this
is a solved problem because of TLS, while true in principle, ignores the
real deployment advantages that TCPcrypt had addressed.
Craig
>
>>
>>
>> ----- Reply message -----
>> From: "Nico Williams" <[email protected]>
>> To: "Tony Arcieri" <[email protected]>
>> Cc: "Kevin Glavin" <[email protected]>, "[email protected]"
>> <[email protected]>, "Eggert, Lars" <[email protected]>, "Joe Touch"
>> <[email protected]>
>> Subject: [tcpinc] why not just TLS on secure port numbers?
>> Date: Fri, Aug 1, 2014 11:25 PM
>>
>> On Fri, Aug 01, 2014 at 06:57:10PM -0700, Tony Arcieri wrote:
>>> On Fri, Aug 1, 2014 at 5:14 PM, Joe Touch <[email protected]> wrote:
>>>
>>> > I might have thought so. Except Google did it.
>>> >
>>>
>>> Google is a cool story, but in my book it really doesn't count until
>>> everyone does it and we have full network encryption...
>>
>> Right. Big players can impose HTTPS due to the cost to a nation's
>> citizens (or ISP's customers) of blocking it.
>>
>> To really extend this to everyone else might take confidentiality
>> protection for DNS queries and maybe even not having PTR RRsets.
>>
>> Nico
>> --
>>
>> _______________________________________________
>> Tcpinc mailing list
>> [email protected]
>> https://www.ietf.org/mailman/listinfo/tcpinc
_______________________________________________
Tcpinc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tcpinc
