David Mazieres wrote this message on Thu, Jul 30, 2015 at 15:26 -0700:
> My vote is to adopt both TCP-ENO and tcpcrypt, which together provide an
> obvious path for harmonization.
Is the goal of this draft to get down to one spec, or to allow both
specs to become standards?
From what I see, this allows both specs to become standard, which is
a bad idea... The WG charter specifically says: "to provide reasonable
security for the majority of connections.", but if we adopt this, it
will allow vendors to pick only one of two (or more), claim that they
support always on encryption, and then a majority of connections will
not be encrypted because there will be a protocol mismatch.
Expecting OS vendors to implement all protocols again is not a good
idea... They will want to put their eggs in one basket, and watch that
basket closely, pay for security audit, etc.
So, as far as I can see, this draft runs counter to the WG charter and
should not be considered...
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."