Hiya, On 05/11/17 13:09, Ted Lemon wrote: > Consensus isn't about number of votes. However, I think we can say that > although there seems to be some interest in making sure this use case is > addressed, there are known ways of addressing it, and little interest in > inventing a new way that weakens a new feature of tls 1.3
Don't disagree. In addition there's always been folks in the rough when it comes to any security BCP or similar and ISTM that the breaking-TLS case is no different - there'll always be people who (mistakenly IMO) perceive that it'd be better to break TLS (and prioritise their particular concern) than it is do our best to improve Internet security and privacy overall. (That's one reason the chairs' question in Prague wasn't a good one - it will always be the case that there are IETFers who do want to break TLS and similar - we learned nothing from that hum at all.) As a meta-comment, I think it's really a pity that most or all such break-TLS proposals appear to be accompanied (not necessarily from draft authors) by bad argument, overstatement and ignoring the existence of downsides. (*) IMO that is yet another indicator that those arguing to break TLS know that they're likely to end up in the rough and hence at tempted to attempt the "hard-sell" (as you Ted I think called it, perhaps too generously) which is I think disruptive to WG progress. So I'd argue to not bother discussing this bad idea again at IETF-100 - it's consumed enough cycles already and we won't learn anything at all if we do waste time in that way yet again. S. (*) I fully admit to meeting such bad argument with robust argument and will continue doing so:-) > > On Nov 5, 2017 14:03, "Salz, Rich" <rs...@akamai.com> wrote: > >> So if the only people in favor of it are the draft authors, then we have >> consensus, right? >> >> >> >> _______________________________________________ >> TLS mailing list >> TLS@ietf.org >> https://www.ietf.org/mailman/listinfo/tls >> > > > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls >
signature.asc
Description: OpenPGP digital signature
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls