On 30.09.22 05:56, Randy Armstrong (OPC) wrote:
I think the key point here is that sometimes observability is a feature and not a bug. This is particularly important in industrial/critical infrastructure. That observability can be achieved in many ways. One question is whether the observability itself should itself be authorized.* A better approach for this particular requirement is to have a mechanism which uses encryption but explicitly provides the necessary observer decryption capabilities. But that approach has been repeatedly rejected in IETF.I feel that putting backdoors into encryption protocols is a recipe for disaster. Encryption, once applied, should not be breakable or vulnerable to man-in-the-middle attacks. Applications should make the choice based on the tasks they need to do when a connection is established and have access to APIs that clearly tell them that they are using an unencrypted communication channel.
Eliot
OpenPGP_signature
Description: OpenPGP digital signature
