On Sat, Jul 15, 2017 at 5:39 PM, Stephen Farrell <stephen.farr...@cs.tcd.ie> wrote:
> On 15/07/17 23:55, Colm MacCárthaigh wrote: > > So far responses on the mailing list have been saying "Don't use > > pcap, instead run proxies". > Sorry, but that is incorrect. Some list participants > have said "we need pcap" and others have said that > "no, we do not need to use packet capture." And others, > myself included, consider that there is dearth of > evidence. > Can you be more clear what is lacking in evidence? Are you skeptical that existing network operators don't do this kind of decryption? There's support for it in tools like Wireshark. Is that sufficient evidence? Are you skeptical that there's no evidence that using proxies instead would be a burdensome change? I'm not skeptical of that at all, but would be interested in what acceptable evidence would look like. Though I'll point out again: TLS 1.3 is the new thing that we want to gain adoption, so really we should be looking for evidence that it's /not/ a burdensome change. -- Colm
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls