Rich:

> On Nov 1, 2017, at 10:18 AM, Salz, Rich <rs...@akamai.com> wrote:
> 
> In https://www.ietf.org/mail-archive/web/tls/current/msg24789.html, Nick 
> Sullivan concluded:
>  
> >- on the other hand using draft-rhrd is safer than allowing organizations to 
> >hack single-key escrow into TLS 1.3 or continue to use TLS 1.2 with 
> >non-forward-secret cipher suites
>  
> I think this sets up a false comparison.  Existing TLS 1.3 debugging systems 
> – Wireshark – can debug individual TLS sessions with the session key 
> information being made available.  This is what the RHRD draft would require 
> an organization to do, but it adds the additional signaling that the client 
> is willing to allow it. The Wireshark example shows that the signaling is not 
> needed.  Servers can unilaterally do it now.
>  
> I maintain that the cleartext signal serves no useful purpose, except to 
> provide a mechanism for entities to segregate traffic.


Indeed, anyone can implement the approach in draft-green, which has no opt-in 
capability.  In Prague, we heard that a lot of people would be more comfortable 
with an opt-in capability, so we specified an extension that does so.

Russ

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
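Rich's point rests on the fact that Wireshark can already decrypt a captured TLS session once the session secrets are handed to it out of band, in the NSS key log format. The following is an added example, not code from this thread or from either author, showing what that "session key information" looks like and how a defender might validate a key log before relying on it: a small parser that checks each line's label and field lengths, groups secrets by client random, and reports which sessions are fully decryptable. The sample lines and all secret values are constructed for the example and are not real key material.

```python
"""Parser and validator for NSS key log lines (the format Wireshark reads
to decrypt captured TLS sessions).

Line format:  LABEL <client_random hex> <secret hex>
TLS 1.2 logs a 48-byte master secret under CLIENT_RANDOM; TLS 1.3 logs
one hash-length secret (32 or 48 bytes) per traffic-secret label.
"""
import re
from collections import defaultdict

# Labels from the NSS key log format (the legacy "RSA" label is omitted).
TLS12_LABELS = {"CLIENT_RANDOM"}
TLS13_LABELS = {
    "CLIENT_EARLY_TRAFFIC_SECRET",
    "CLIENT_HANDSHAKE_TRAFFIC_SECRET",
    "SERVER_HANDSHAKE_TRAFFIC_SECRET",
    "CLIENT_TRAFFIC_SECRET_0",
    "SERVER_TRAFFIC_SECRET_0",
    "EARLY_EXPORTER_SECRET",
    "EXPORTER_SECRET",
}
LINE_RE = re.compile(
    r"^(?P<label>[A-Z0-9_]+) (?P<random>[0-9a-fA-F]+) (?P<secret>[0-9a-fA-F]+)$"
)


def parse_keylog(text):
    """Return (sessions, rejected).

    sessions: dict client_random (lowercase hex) -> dict label -> secret bytes
    rejected: list of (line_number, reason) for lines that fail validation
    """
    sessions = defaultdict(dict)
    rejected = []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):   # blank lines and comments are allowed
            continue
        m = LINE_RE.match(line)
        if not m:
            rejected.append((n, "malformed line"))
            continue
        label = m.group("label")
        rnd = m.group("random").lower()
        sec = m.group("secret").lower()
        if label not in TLS12_LABELS | TLS13_LABELS:
            rejected.append((n, f"unknown label {label}"))
            continue
        if len(rnd) != 64:                      # ClientHello.random is 32 bytes
            rejected.append((n, "client random must be 32 bytes"))
            continue
        nbytes = len(sec) // 2
        if label in TLS12_LABELS and nbytes != 48:
            rejected.append((n, "TLS 1.2 master secret must be 48 bytes"))
            continue
        if label in TLS13_LABELS and nbytes not in (32, 48):
            rejected.append((n, "TLS 1.3 secret must be hash-length (32 or 48 bytes)"))
            continue
        sessions[rnd][label] = bytes.fromhex(sec)
    return dict(sessions), rejected


def session_summary(sessions):
    """Map client_random -> (version, application_data_decryptable).

    A TLS 1.3 session needs both application traffic secrets before the
    post-handshake records can be decrypted; handshake secrets alone only
    expose the encrypted handshake messages.
    """
    out = {}
    for rnd, secrets in sessions.items():
        if "CLIENT_RANDOM" in secrets:
            out[rnd] = ("TLS1.2", True)
        else:
            app = {"CLIENT_TRAFFIC_SECRET_0", "SERVER_TRAFFIC_SECRET_0"} <= set(secrets)
            out[rnd] = ("TLS1.3", app)
    return out


# Constructed sample log; the values are filler bytes, not real secrets.
SAMPLE_KEYLOG = "\n".join([
    "# constructed sample, not real secrets",
    "CLIENT_RANDOM " + "11" * 32 + " " + "aa" * 48,
    "CLIENT_HANDSHAKE_TRAFFIC_SECRET " + "22" * 32 + " " + "bb" * 32,
    "SERVER_HANDSHAKE_TRAFFIC_SECRET " + "22" * 32 + " " + "cc" * 32,
    "CLIENT_TRAFFIC_SECRET_0 " + "22" * 32 + " " + "dd" * 32,
    "SERVER_TRAFFIC_SECRET_0 " + "22" * 32 + " " + "ee" * 32,
    "CLIENT_HANDSHAKE_TRAFFIC_SECRET " + "33" * 32 + " " + "ff" * 32,  # handshake only
    "CLIENT_RANDOM " + "44" * 32 + " " + "01" * 20,                    # wrong length
    "this is not a keylog line",
])

if __name__ == "__main__":
    sessions, rejected = parse_keylog(SAMPLE_KEYLOG)
    for rnd, (version, ok) in session_summary(sessions).items():
        print(f"{rnd[:16]}... {version} app-data decryptable={ok}")
    for n, reason in rejected:
        print(f"line {n}: {reason}")
```

The length checks matter in practice: a truncated or corrupted key log does not fail loudly in a decryption tool, it simply leaves sessions undecrypted, so validating the file up front tells an operator which captures the logged secrets actually cover.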
