On 06/02/2017 08:28 AM, Toerless Eckert wrote: > Another candidate use case coming to mind eg: auditing tht is required in > many eg: financial > environments. In the past i have seen even the requirement for the whole data > streams to be unencrypted > for auditing. Maybe that market segment would also be able to get more > privacy but maintain a > relevant level of auditing if the auditing relevant class of information was > visible via > the cert.
That use case has been extensively discussed (look for the thread "Industry Concerns about TLS 1.3", also a fair bit of hallway discussions), and was not seen to provide a compelling argument for any change in TLS 1.3. There are purely server-side options that should be able to provide the necessary functionality (crypto details omitted for now). -Ben
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls