> On 5 Oct 2014, at 20:26, Yaron Sheffer <[email protected]> wrote: > > So we could: > > 1. Say explicitly that opportunistic TLS is out of scope. > 2. Or say explicitly that it is in scope, and with the same requirements as > "regular" TLS. > 3. Or come up with a different set of requirements for opportunistic TLS. > > I tend towards #2, because: +1. Simplicity is our friend here.
> - With channel bindings, you can convert an unauthenticated TLS channel into > an authenticated one, after the fact. > - Also, because we do not want to fragment the TLS ecosystem. > - Lastly, an opportunistic deployment can eventually become authenticated > TLS, when DANE is introduced. _______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
