On Sat, Oct 1, 2016 at 4:23 AM, Peter Gutmann <pgut...@cs.auckland.ac.nz>

> Ryan Carboni <rya...@gmail.com> writes:
> >I've never quite understood what TLS was supposed to be protecting
> against,
> >and whether or not it has done so successfully, or has the potential to
> do so
> >successfully.
> It's the Inside-Out Thread Model (also shared by a number of other security
> protocols, it's not just TLS), "our defence is SSL/TLS/IPsec/PKI/…  and our
> threat model is whatever that happens to defend against".  DNSSEC is a
> classic
> example of this, the DNSSEC requirements doc was published *a decade* after
> DNSSEC itself.  Mind you, other protocols are still waiting for their
> requirements doc to be published.  PKIX specifically actively declined to
> consider use cases because heck, this is a standards committee dammit, we
> can't be expected to take into account what people want to do with it.
> Mind you, in the absence of any success criteria, no-one can say you've
> failed...
> Peter.

It is worth reading this paper apparently from 2010 on reusing ephemeral


Regardless, I can hope the Snowden disclosures will force people into

But please.

Continue to make the internet secure.
TLS mailing list

Reply via email to