On Sat 2017-07-15 05:58:31 +0000, Salz, Rich wrote:
> Unless I missed the reply, I did not see any answer to my question as
> to why it must be opt-in.  Do we think evildoers will tell the truth
> about what they are doing?

Because presumably the people who do *not* want to do evil want to avoid
specifying a mechanism that will be widely implemented that could leak
into use outside of the intended scenario.  Right?

As far as I can tell, we're all in agreement here that:

 * This proposed TLS variant is *never* acceptable for use on the public
   Internet.  At most it's acceptable only between two endpoints within
   a datacenter under a single zone of administrative control.

 * Forward secrecy is in general a valuable property for encrypted
   communications in transit.

If there's anyone on the list who disagrees with the above two
statements, please speak up!

        --dkg


_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
