I do not support publication of this document. Hello from the UK, it's been a while since I was last at an IETF workshop wearing a different hat.
Since then, my job has partially been answering the phone when a journalist finds out that someone has done something stupid with a lot of UK medical records. Data that should be protected by reliable encryption in multiple ways, and often it turns out, is not protected in any of those ways. Normally the world can assume the IETF and friends are reliable. But it seems that is potentially going wrong, certainly going controversially in this particular corner of the internet, and it may become easier to go wrong more often and more widely, and at that point, put actual data at risk. Books and movies have been written about the consequences of when that happened in the past (some of the movies were even popular, even if the consequences not so much) And when it happens in the future, when there are harms as a consequences, further articles will be written about the what, and why. Because there always are. It's better all round that, even if several things go wrong, there are multiple levels of resilience. The effect of this draft is asking for trouble. best, Sam _______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
