On Mon, Dec 11, 2023 at 12:32:36PM -0800, Rob Sayre wrote:

> PS - I have to say, not in this message, but sometimes it seems like the
> goal of TLS 1.2 advocates is weaker encryption. So, for them, the flaws in
> TLS 1.2 that the draft describes are desirable. If that's the case,
> participants are not working toward the same goal. Writing down the
> consensus seems worth it.

For what it is worth, my agenda/perspective has never been to weaken encryption. Rather, it has always been about making usable encryption ubiquitous. While we continue work on raising the ceiling, one can be legitimately weary of raising the floor so high that encryption is unusable, and communication happens in the clear instead.

Given that TLS 1.2 will be around for quite some time, it is not obvious that a feature freeze will in practice improve security. It is good that there's ongoing effort to make TLS 1.3 better, and I accept that it may well not be possible to deliver on required TLS 1.3 work and to also make some occasional modest improvements to TLS 1.2, but if the goal is to deliver secure products to users, a realist might accept that TLS 1.2 is likely to continue to be used for some time, and that those users could be better served if some improvements continued to take place.

The contrarian position of course assumes that such improvements wouldn't be a significant drain on scarce resources. That assumption is a matter for debate, and the "right" trade-offs are not completely obvious. Some difference of perspectives can be expected.

Whatever else we do, we should not default to questioning the motives of others who would make somewhat different tradeoffs. Worry more when everyone is in violent agreement, perhaps something is then being missed.

--
Viktor.