Contributions with data are welcomed and encouraged. Thank you, Kathleen
Sent from my mobile device > On Jul 10, 2018, at 10:07 AM, Peter Gutmann <pgut...@cs.auckland.ac.nz> wrote: > > nalini elkins <nalini.elk...@e-dco.com> writes: > >> It would be nice to see some of this reflected in the draft rather than only >> statistics on browsers. The real usage of these protocols is far more >> complex. > > +1. It often seems that the only possible use for TLS that gets considered in > these things is web browsers and web servers, or big-iron type servers in > general. There's a vast amount of TLS that never goes anywhere near a browser > or server of this kind. In particular, the assumptions that are no longer > valid in this case are: > > - CPU and memory is nearly unlimited and nearly free. > > - Anything can be easily upgraded at the touch of a button. > > - Everyone gets their certs from a commercial CA (that's present in a trust > database). > > - People want the most full-featured, complex protocol possible. > > - Users want the latest, trendiest algorithms at all times. > > [Feel free to add more to this list, that's just the stuff that springs > immediately to mind]. > > In the case of SCADA/embedded, pretty much the exact opposite of all of those > points is the case (the last may be somewhat debatable, it's a reference to > the fact that industry groups are very conservative and tend to stick with > something that has what's regarded as good provenance). > > Peter. > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls