> > They can already block traffic based on IP address. That’s single-point > blocking. Being able to block based on the client’s willingness to let their > traffic be interception is a whole additional class and it also indicates > that the > client is willing to let their traffic be intercepted. The two things are > very very > very different. >
Can you explain the comparison that I brought up regarding trusting the CA? That is related to " the client’s willingness to let their traffic be intercepted". _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls