On Mon, Apr 4, 2016 at 7:05 AM, Dan Harkins <dhark...@lounge.org> wrote:
>
>
> On Thu, March 31, 2016 10:51 am, Stephen Farrell wrote:
>>
>> If smaller devices don't use algorithms that can be used to talk to
>> random servers on the Internet, then they are choosing to not try to
>> get interop. That seems like a shame to me, unless there's a really
>> good reason and IMO, mostly there isn't, at the ciphersuite level. I
>> would hope we all won't make the GCM/CCM mistake again for example
>> (that "we" being roughly some combination of IETF/IEEE folks).
>
>   That's because you incorrectly define "interop" as talking to
> random servers on the Internet. This browser-centric mode of thinking
> causes you to reject cipher suites that the browser/webserver
> community does not have any interest in.
>
>   There are use cases where some app doesn't want to talk to random
> servers on the Internet. It wants to talk to a set of specific servers
> providing a specific stream of information unique to the app-- think
> of some network monitoring or RF-quality app that provides sensing
> data to servers and also sucks down neighbor air quality information
> as it roams around. There are IoT use cases where devices just want
> to talk to each other, not random servers on the Internet.
>
>   The browser community wants 0-RTT; I don't give a damn about 0-RTT.
> I want a PAKE (specifically TLS-pwd); the browser community doesn't
> give a damn about PAKEs. We are both right. Because we have different
> requirements.

Why can't embedded devices use certificates?



-- 
"Man is born free, but everywhere he is in chains".
--Rousseau.

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
