> On Oct 19, 2017, at 9:06 PM, Benjamin Kaduk <[email protected]> wrote: > > On 10/19/2017 05:30 PM, Darin Pettis wrote: >> >> The question has been raised: "Why address visibility now?" The answer is >> that it is critical that the visibility capability is retained. It is >> available today through the RSA key exchange algorithm. We understand that >> the issue was raised late and have fallen on the preverbal sword for being >> late to the party but the issue is real. That is where the "rhrd" draft has >> come from. A way to retain that visibility capability but with a newer and >> more secure protocol. >> > > But the "rhrd" draft does not require any changes to the core TLS 1.3 > protocol, and in fact I have heard several key participants say that any > "visibility" changes must not require changes to the core protocol. If the > "visibility" work will be done via extensions, then there is no ordering > requirement for their specification with respect to the core work, there is > only an ordering requirement between them and adoption of TLS 1.3 in > enterprises. Do you want to argue that a year timescale is too slow for > enterprise adoption of TLS 1.3? If not, I continue to not see a reason to > address "visibility" now.
Ben: I do not see the visibility extension taking any resources away from the completion of TLS 1.3, so I do not see any reason to make it wait. Russ
_______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
