i understand this ask and i resonate positively to it. however, i
predict it will be seen as controversial in this community, based on my
prior experience trying to get ssh/scp to support clear text for use
inside a campus, datacenter, VPC, or VM server. i've also been trying to
get an SMTP library's author team to have an option to ignore STARTTLS
when talking to my own localhost. in each case i was told that the risk
of accidental nonencryption across a wide area network was too great.
so, good luck with this use case. --vixie
re:
Randy Armstrong (OPC) wrote on 2022-09-29 05:31:
The OPC Foundation is looking at deploying QUIC within factories as
means for different OT devices to communicate with each other. In this
environment, factory owners often wish to monitor traffic to check for
anomalies. Encryption prevents this.
For this reason, an authentication only option is essential to making
QUIC a viable choice for communication within factories.
Regards,
Randy Armstrong
OPC UA Security WG Chair
--
P Vixie
