Re: [openssl-users] [openssl-dev] Kerberos

2015-05-14 Thread Jeffrey Altman
On 5/13/2015 10:19 AM, Matt Caswell wrote:
> On 08/05/15 09:40, Matt Caswell wrote:
>> On 08/05/15 02:28, Jeffrey Altman wrote:
>>> Regardless, the inability to improve the support in this area has left
>>> those organizations that rely upon 2712 with the choice of use
>>> insecu

Re: [openssl-users] [openssl-dev] Kerberos

2015-05-13 Thread Matt Caswell
On 08/05/15 09:40, Matt Caswell wrote:
> On 08/05/15 02:28, Jeffrey Altman wrote:
>> Regardless, the inability to improve the support in this area has left
>> those organizations that rely upon 2712 with the choice of use
>> insecure protocols or re-implement the applications. I do

Re: [openssl-users] [openssl-dev] Kerberos

2015-05-08 Thread Nico Williams
I should have mentioned NPN and ALPN too. A TLS application could use ALPN to negotiate the use of a variant of the real application protocol, with the variant starting with a channel-bound GSS context token exchange. The ALPN approach can optimize the GSS mechanism negotiation, at the price of

Re: [openssl-users] [openssl-dev] Kerberos

2015-05-08 Thread Matt Caswell
On 08/05/15 02:28, Jeffrey Altman wrote:
> Regardless, the inability to improve the support in this area has left
> those organizations that rely upon 2712 with the choice of use
> insecure protocols or re-implement the applications. I do not believe
> that any sane OS or application vendor