Yiannis Yiakoumis <yian...@selfienetworks.com> wrote:
> operators, ii) there are no good APIs to expose L3 socket APIs to the
> app developers who would eventually acquire and insert tokens, and iii)
> it doesn't work with IPv4.
(ii) is solvable: I don't want applications to bring along their own TLS
libraries, i want them provided by OSes. So there is no difference
anymore between doing in "libssl" and in the kernel.
(iii) is a feature, frankly. Please stop trying to patch 40yr old technology.
6man had a presentation yesterday about how far extensions headers get, and
the news is probably better than people feared, if I understood correctly.
--
Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works
-= IPv6 IoT consulting =-
signature.asc
Description: PGP signature
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
