Hi,

On 3/28/23 00:39, Hal Murray wrote:

h...@selasky.org said:
A typical video stream of 4 MBit/s may produce on average 333 packets per
second, and I ask a simple question if it is really needed to authenticate
all of those packets while the user sits in a chair and eats popcorn?

Are you sure there is a user eating popcorn?

The majority - yes.

Are there any 0-day exploits in your video system?

That's a reminder to not use overcomplicated and secret-sauce video codecs. Probably there is a 0-day exploit in the .mp4 codec already, implanted by secret services. Who knows. Nice to get rid of it!

Is that middle box doing the right thing?

If someone tampers with the internet in my town, the half a mile it goes down to the bank, I'm pretty sure I'll figure it out myself. But you know how ISPs like to do it, they send the traffic hundreds of miles to the nearest data/recording center, and then send it back again. Encryption will never solve that problem, internet traffic goes way longer than it should. In fact governments require access to crypto keys so they can decrypt all traffic anyway - so what are you saying about middle boxes doing again ... and encryption can do something about it? Nah, I don't think so.

The main problem I see with your proposal is that it adds complexity.
Everybody using TLS will now have to consider what happens if your option gets
enabled and/or how to make sure that it doesn't get enabled.  Security is
complicated.  Making it more complicated is a step in the wrong direction.

Yes, that's why I want a central change in this area, and not something custom, to avoid a big fight about the next httpX protocol.

Does your popcorn eating user need TLS at all?

That's a good question. People eating popcorn while watching movies on the TV probably also know how their internet works - so I guess the answer is no :-)

--HPS

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
