On Wed, Aug 17, 2022 at 11:10 AM Peter Gutmann <[email protected]> wrote:
> See my earlier comments on this.

Honestly, it sounds like these devices maybe shouldn't be using internet technologies that were designed with certain assumptions about extensibility in mind. With such strong constraints not only on behavior but on implementation, it really seems like the right thing to do is to shrink-wrap every interface around exactly what you need and avoid all unnecessary complexity. That means no TLS, no X.509, no IP, etc. IMO, the two requirements "Prohibit upgrades" and "Leverage general-purpose network protocols with large attack surfaces" are in direct conflict.

Kyle
_______________________________________________
TLS mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tls
