On Thu, Oct 27, 2022, at 09:23, Martin Thomson wrote: > On Thu, Oct 27, 2022, at 00:01, Ilari Liusvaara wrote: >> Idea > > We're not short on ideas (your idea is not new). We're short on the > willingness to implement and deploy them.
I should apologize here. Ilari's idea is - I think - a relatively good one. However, I don't think that a lack of ideas is the issue here. It might have been Stephen that first mentioned this idea, which got some traction. At the time, and since then, the problem continues - such as it is - without much engagement on what I think is the harder part: getting people interested in deploying a fix. >From my view, HRR is awkward, but it is used enough for me to be confident >that it isn't broken in practice. Proofs of TLS 1.3 also make me confident >that it is secure (with the usual caveats). So it's a case of "ain't broke". _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
