On Jul 10, 2017, at 5:35 PM, Stephen Farrell <[email protected]> wrote:
> Consider SMTP/TLS. Where one MTA on the path supports this.
> Say it's one operated by an anti-spam company for example.
> That is clearly not the sender nor recipient.
>
> That meets all 4 points in 2804, right?

I don't buy this, Stephen. The anti-spam company is not an eavesdropper. What I don't understand about your approach to this draft is that it seems to me that the draft is obviously describing an exploit in TLS 1.3, for which a mitigation exists: remember keys, and refuse to communicate with an endpoint that presents a key you've seen before. So rather than opposing the publication of the static keys draft, why not work on mitigating the attack it describes? This attack exists whether the static keys draft is published or not.
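
The mitigation named in the message above (remember keys, and refuse an endpoint that presents one already seen), sketched as an added example that is not part of the original message or of any TLS implementation. It assumes the TLS stack exposes the server's `key_share` group and bytes to the caller; `SeenKeyShares` and `handshake_allowed` are hypothetical names, and the key shares are constructed dummy values.

```python
import hashlib
from collections import OrderedDict


class KeyShareReuseError(Exception):
    """Raised when a peer presents a key share that was already seen."""


class SeenKeyShares:
    """Bounded memory of server (EC)DHE key shares (hypothetical helper)."""

    def __init__(self, max_entries=100_000):
        self._seen = OrderedDict()  # digest -> endpoint that first used it
        self._max = max_entries

    @staticmethod
    def _digest(group, key_exchange):
        # Store a hash rather than the raw share; the group id keeps equal
        # byte strings from different named groups apart.
        h = hashlib.sha256()
        h.update(group.to_bytes(2, "big"))
        h.update(key_exchange)
        return h.digest()

    def check(self, endpoint, group, key_exchange):
        """Record a share; raise KeyShareReuseError if it is a repeat."""
        d = self._digest(group, key_exchange)
        first = self._seen.get(d)
        if first is not None:
            raise KeyShareReuseError(
                f"{endpoint} reused key share first seen from {first}")
        self._seen[d] = endpoint
        if len(self._seen) > self._max:
            self._seen.popitem(last=False)  # evict the oldest entry


def handshake_allowed(cache, endpoint, group, key_exchange):
    """Return True to continue the handshake, False to abort it."""
    try:
        cache.check(endpoint, group, key_exchange)
        return True
    except KeyShareReuseError:
        return False


# Constructed sample values: 0x001d is x25519; shares are dummy 32-byte strings.
X25519 = 0x001D
FRESH_1 = bytes(range(32))
FRESH_2 = bytes(range(32, 64))
```

Because the cache is bounded, a share repeated after its entry has been evicted is not detected, so `max_entries` sets how long a static key has to stay unused to slip past the check.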
