On 14/03/18 23:00, nalini elkins wrote:
> The simple explanation is that people think they will have serious
> issues with TLS1.3 and actually, TLS1.2 when it is DH only.
Of course some people who are used to MitMing connections will have problems and will have to change. But that does not mean that their problems ought to be solved by any change to TLS. IMO the costs to the broader Internet of breaking TLS like that are far too high to optimise for these folks. It's understandable that they'd prefer otherwise. People with such problems should IMO look elsewhere for solutions and not be fixated on breaking TLS.

Lastly, bear in mind that even if the people with whom you are dealing have the best intentions, there really are people who are paid large amounts of money to weaken Internet security (see [1] for scant detail of just one country's efforts in that regard) and that we have IETF consensus to oppose such efforts, as far as it's in the IETF's remit to do so. So it doesn't really help the discussion to claim that such-and-such a (set of) person(s) is/are good actors - we do assume that, but also that there are others who would like the same changes to happen who do not share the IETF's goals of making Internet security better as far as we can.

S.

[1] https://en.wikipedia.org/wiki/Bullrun_(decryption_program)
_______________________________________________
TLS mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tls
