* Industry groups will force us to use newer versions * Likely there will be regulatory mandates in many of the marketplaces and business segments that large Enterprises participate in. * Business Partners or Government agency customers may require TLS1.3.
These mandates/requirements are typically motivated by the realization that TLS Vn is more secure than TLS Vn-x. One of the important reasons TLS 1.3 may be more secure than TLS 1.2 and below is that it does not offer non-PFS options. Then deploying a weakened configuration of TLS 1.3 (without PFS) would not meet the intent of those future mandates/requirements. Then do we gain anything by standardizing a weakened configuration of TLS 1.3? Cheers, Andrei
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
