On Thu, 5 Apr 2018, Richard Barnes wrote:

And just to be clear, by "downgrade attack", you mean "normal PKI authentication 
that we rely on today".  There's nothing in here that degrades security

You mean other then LetsEncrypt destroying the ecosystem and leading to
a "one key to rule them all" situation?

The webpki is changing dramatically. The amount of CAB/forum violations
seems to be increasing, partially as a result of these violations getting
exposed by certificate transparancy and perhaps partially because of
the financial strain caused by the free LetsEncrypt. Allowing people to
deploy another PKI is not harmful - forcing people to stick with the
webpki could prove harmful.

That doesn't mean there's not still some utility to be had. 

Your tls-extension use case can be supported regardless of the outcome
of this consensus call. That is not at stake today. Other people's valid
use cases are the ones that are at stake now.


TLS mailing list

Reply via email to