On 9/28/16 4:36 PM, Tony Arcieri wrote: > The IETF is doing great work. This entire thread is a distraction, and I > hope it does not result in changes which weaken TLS 1.3's security.
I think it's quite clearly the case that that is not going to happen. But, that doesn't mean that these guys don't have a problem worth addressing, even if they're asking for a crap solution to it. The IETF is an insular organization and I tend to think that leads to poorer outcomes in some cases than we might otherwise have produced. I am not suggesting that his request for a protocol that he can break needs serious consideration, but that the fact that he's come up with an unacceptable solution to a problem that he's identified doesn't mean that the problem either doesn't exist or is completely outside the IETF's scope. All that's going to come out of discussion here is unhelpful and largely redundant finger-wagging. I think these guys ought to write up the problem they've got and post a draft. Melinda
signature.asc
Description: OpenPGP digital signature
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls