On Sat 2017-07-15 05:58:31 +0000, Salz, Rich wrote:
> Unless I missed the reply, I did not see any answer to my question as
> to why it must be opt-in. Do we think evildoers will tell the truth
> about what they are doing?

Because presumably the people who do *not* want to do evil want to avoid specifying a mechanism that will be widely implemented that could leak into use outside of the intended scenario. right?

As far as i can tell, we're all in agreement here that:

 * This proposed TLS variant is *never* acceptable for use on the public Internet. At most it's acceptable only between two endpoints within a datacenter under a single zone of administrative control.

 * Forward secrecy is in general a valuable property for encrypted communications in transit.

If there's anyone on the list who disagrees with the above two statements, please speak up!

     --dkg
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls