On Mon, Dec 11, 2023 at 12:32:36PM -0800, Rob Sayre wrote:

> PS - I have to say, not in this message, but sometimes it seems like the
> goal of TLS 1.2 advocates is weaker encryption. So, for them, the flaws in
> TLS 1.2 that the draft describes are desirable. If that's the case,
> participants are not working toward the same goal. Writing down the
> consensus seems worth it.

For what it is worth, my agenda/perspective has never been to weaken
encryption.  Rather, it has always been about making usable encryption
ubiquitous.  While we continue work on raising the ceiling, one can be
legitimately weary of raising the floor so high that encryption is
unusable, and communication happens in the clear instead.

Given that TLS 1.2 will be around for quite some time, it is not obvious
that a feature freeze will in practice improve security.  It is good
that there's ongoing effort to make TLS 1.3 better, and I accept that it
may well not be possible to deliver on required TLS 1.3 work and to also
make some occasional modest improvements to TLS 1.2, but if the goal is
to deliver secure products to users, a realist might accept that TLS 1.2
is likely to continue to be used for some time, and that those users
could be better served if some improvements continued to take place.

The contrarian position of course assumes that such improvements
wouldn't be a significant drain on scarce resources.  That assumption is
a matter for debate, and the "right" trade-offs are not completely
obvious.  Some difference of perspectives can be expected.

Whatever else we do, we should not default to questioning the motives of
others who would make somewhat different tradeoffs.  Worry more when
everyone is in violent agreement, perhaps something is then being
missed.

-- 
    Viktor.

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
