On 28/09/13 20:07 PM, Stephen Farrell wrote:
b) is TLS1.3 (hopefully) and maybe some extensions for earlier versions of TLS as well
SSL/TLS is a history of fiddling around at the edges. If there is to be any hope, start again. Remember, we know so much more now. Call it TLS2 if you want.
Start with a completely radical set of requirements. Then make it so. There are a dozen people here who could do it.
Why not do the requirements, then ask for competing proposals? Choose 1. It worked for NIST, and committees didn't work for anyone.
A competition for TLS2 would bring out the best and leave the bureaurats fuming and powerless.
iang _______________________________________________ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography