Anne & Lynn Wheeler <[EMAIL PROTECTED]> writes:
> At 12:09 PM 10/7/2003 -0700, Eric Rescorla wrote:
> >This doesn't provide equivalent services to TLS--no anti-replay
> >service for the server.
>
> KISS ... for the primary business requirement .... the application
> already has anti-replay .... TLS anti-replay is then redundant and
> superfluous.
>
> yes, it isn't existing TLS .... it is KISS TLS based on primary
> business requirement ... as mentioned in original, not on existing
> specification for existing implementation

But calling it "KISS TLS" is very inaccurate, since it doesn't
provide equivalent security guarantees. What you're proposing
doesn't really have any connection to TLS.

> Making it significantly more simple and lightweight might encourage it
> to be used more extensively.

Extensive performance analysis shows that the performance cost
in TLS is cryptography, not message passing. Your suggestion
doesn't improve that much at all.

-Ekr

--
[Eric Rescorla [EMAIL PROTECTED]
http://www.rtfm.com/

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]