Re: [TLS] Encrypted hellos (was Re: "Encrypted" SNI)

2017-05-16 Thread Dave Garrett
On Tuesday, May 16, 2017 07:35:16 am Hubert Kario wrote: > On Monday, 15 May 2017 22:10:00 CEST Dave Garrett wrote: > > On Monday, May 15, 2017 07:56:44 am Hubert Kario wrote: > > > I respectfully disagree. That system requires tight coupling between the > > > TLS implementation and DNS. This is no

Re: [TLS] Encrypted hellos (was Re: "Encrypted" SNI)

2017-05-16 Thread Hubert Kario
On Monday, 15 May 2017 22:10:00 CEST Dave Garrett wrote: > On Monday, May 15, 2017 07:56:44 am Hubert Kario wrote: > > On Saturday, 13 May 2017 07:21:06 CEST Dave Garrett wrote: > > > On Friday, May 12, 2017 11:17:45 pm Christian Huitema wrote: > > > > EKR did propose a TLS in TLS tunnel back in De

Re: [TLS] Encrypted hellos (was Re: "Encrypted" SNI)

2017-05-15 Thread Dave Garrett
On Monday, May 15, 2017 07:56:44 am Hubert Kario wrote: > On Saturday, 13 May 2017 07:21:06 CEST Dave Garrett wrote: > > On Friday, May 12, 2017 11:17:45 pm Christian Huitema wrote: > > > The "server DH Key" poses a significant forward secrecy issue. Suppose > > > that the key is compromised. Now t

Re: [TLS] Encrypted hellos (was Re: "Encrypted" SNI)

2017-05-15 Thread Hubert Kario
On Saturday, 13 May 2017 07:21:06 CEST Dave Garrett wrote: > On Friday, May 12, 2017 11:17:45 pm Christian Huitema wrote: > > The "server DH Key" poses a significant forward secrecy issue. Suppose > > that the key is compromised. Now the secret police can find out what > > nasty sites were accessed

Re: [TLS] Encrypted hellos (was Re: "Encrypted" SNI)

2017-05-12 Thread Dave Garrett
On Friday, May 12, 2017 11:17:45 pm Christian Huitema wrote: > The "server DH Key" poses a significant forward secrecy issue. Suppose > that the key is compromised. Now the secret police can find out what > nasty sites were accessed by whom. That can be plus plus not good for > said dissidents. *Th

Re: [TLS] Encrypted hellos (was Re: "Encrypted" SNI)

2017-05-12 Thread Christian Huitema
On 5/12/2017 7:58 PM, Dave Garrett wrote: > Encrypted SNI has been talked to death, and coming up with new schemes that > warrant air quotes in the subject around "encrypted" feels like a waste of > time. Wouldn't it be better to just focus on finishing the > encrypt-all-the-things approach an