On 11/7/17 8:15 AM, Hannes Tschofenig wrote:
> FWIW: I can tell you what the threat model was with the layered TLS work.
>
> Let me give you a very specific example. Imagine a Bluetooth Low Energy
> device that communicates via a phone to a cloud-based service. The
> communication from the phone to the cloud uses HTTPS. The communication
> from the BLE device to the phone uses ordinary BLE
> services/characteristics.
>
> The Layered TLS/application layer TLS would in this case run from the
> BLE device all the way to the cloud-based service at the application layer.
>
> This allows us to provide end-to-end security across a proxy (in this
> case the phone) and independent of the underlying protocols.
>
> Does this make sense?

Given your assumptions, yes. Although IMHO there's got to be a better way to accomplish the goal of end-to-end security here. If I were going to IETF 100, I'd propose getting together for a beer to discuss...

Peter
_______________________________________________
TLS mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tls
