Yiannis Yiakoumis <[email protected]> wrote: > operators, ii) there are no good APIs to expose L3 socket APIs to the > app developers who would eventually acquire and insert tokens, and iii) > it doesn't work with IPv4.
(ii) is solvable: I don't want applications to bring along their own TLS
libraries, i want them provided by OSes. So there is no difference
anymore between doing in "libssl" and in the kernel.
(iii) is a feature, frankly. Please stop trying to patch 40yr old technology.
6man had a presentation yesterday about how far extensions headers get, and
the news is probably better than people feared, if I understood correctly.
--
Michael Richardson <[email protected]>, Sandelman Software Works
-= IPv6 IoT consulting =-
signature.asc
Description: PGP signature
_______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
