[TLS] Industry Concerns about TLS 1.3

2016-09-22 Thread BITS Security
To: IETF TLS 1.3 Working Group Members My name is Andrew Kennedy and I work at BITS, the technology policy division of the Financial Services Roundtable (http://www.fsroundtable.org/bits). My organization represents approximately 100 of the top 150 US-based financial services companies includ

Re: [TLS] Industry Concerns about TLS 1.3

2016-09-22 Thread BITS Security
this functionality, which is a problem in a TLS 1.3 only environment. -Andrew From: Yuhong Bao [mailto:yuhongbao_...@hotmail.com] Sent: Thursday, September 22, 2016 2:36 PM To: BITS Security ; tls@ietf.org Subject: Re: Industry Concerns about TLS 1.3 This also reminds me of 

Re: [TLS] Industry Concerns about TLS 1.3

2016-09-23 Thread BITS Security
out the same unmanageable future they described. Do Akamai, Cloudflare and Google magically not have these problems? > > Thanks > > Mike > > > > -Original Message- > From: Jeffrey Walton [mailto:noloa...@gmail.com] > Sent: Friday, September 23, 2016 10:55 A

Re: [TLS] Industry Concerns about TLS 1.3

2016-09-23 Thread BITS Security
Rich (et al.) -- I understand where you are coming from but I will poke a little bit at this portrayal. We are not here hat-in-hand asking for a return to RSA key exchange to the proposed standard. We do however want to raise our concern (and hopefully your awareness) of what appears to be a

Re: [TLS] Industry Concerns about TLS 1.3

2016-09-23 Thread BITS Security
that will, perhaps sooner than we might expect, be deprecated. -Andrew -Original Message- From: Yaron Sheffer [mailto:yaronf.i...@gmail.com] Sent: Friday, September 23, 2016 3:52 PM To: BITS Security ; Watson Ladd ; Ackermann, Michael Cc: tls@ietf.org Subject: Re: [TLS] Industry Con

Re: [TLS] Industry Concerns about TLS 1.3

2016-09-23 Thread BITS Security
dd [mailto:watsonbl...@gmail.com] Sent: Thursday, September 22, 2016 3:06 PM To: BITS Security Cc: tls@ietf.org Subject: Re: [TLS] Industry Concerns about TLS 1.3 On Thu, Sep 22, 2016 at 10:19 AM, BITS Security wrote: > To: IETF TLS 1.3 Working Group Members > > My name is Andrew K

Re: [TLS] Industry Concerns about TLS 1.3

2016-09-23 Thread BITS Security
in Liu [mailto:xiaoyi...@outlook.com] Sent: Friday, September 23, 2016 5:00 PM To: BITS Security ; Salz, Rich ; nalini.elk...@insidethestack.com Cc: tls@ietf.org Subject: Re: [TLS] Industry Concerns about TLS 1.3 Andrew, I don't understand why your "choice is being removed", b

Re: [TLS] Industry Concerns about TLS 1.3

2016-09-26 Thread BITS Security
atory body (like large credit card companies in the case of PCI). -Andrew -Original Message- From: Peter Bowen [mailto:pzbo...@gmail.com] Sent: Friday, September 23, 2016 7:18 PM To: BITS Security Cc: Yaron Sheffer ; tls@ietf.org Subject: Re: [TLS] Industry Concerns about TLS 1.3 O

Re: [TLS] Industry Concerns about TLS 1.3

2016-09-26 Thread BITS Security
nal Message- From: Bill Frantz [mailto:fra...@pwpconsult.com] Sent: Friday, September 23, 2016 9:31 PM To: BITS Security Cc: tls@ietf.org Subject: Re: [TLS] Industry Concerns about TLS 1.3 On 9/23/16 at 2:24 PM, bitssecur...@fsroundtable.org (BITS Security) wrote: >But general-purpose messag

Re: [TLS] Industry Concerns about TLS 1.3

2016-09-26 Thread BITS Security
have > some. It may be that these companies have problems that are different from > Google's (just as an example). > Isn't our goal to have the best standards possible? Any organism (including > the IETF), needs feedback to thrive. > Nalini >> >> Thank

Re: [TLS] Industry Concerns about TLS 1.3

2016-09-27 Thread BITS Security
PM To: BITS Security Cc: Salz, Rich ; nalini.elk...@insidethestack.com; tls@ietf.org Subject: Re: [TLS] Industry Concerns about TLS 1.3 Andrew, What would probably be most helpful here would be if you tried to describe what you think your requirements are in some sort of protocol-neutral

Re: [TLS] Industry Concerns about TLS 1.3

2016-09-27 Thread BITS Security
this to our attention. - Andrew From: hugok...@gmail.com [mailto:hugok...@gmail.com] On Behalf Of Hugo Krawczyk Sent: Thursday, September 22, 2016 7:41 PM To: BITS Security Cc: tls@ietf.org Subject: Re: [TLS] Industry Concerns about TLS 1.3 If the problem is the use of forward secrecy then

Re: [TLS] Industry Concerns about TLS 1.3

2016-09-27 Thread BITS Security
@welho.com] Sent: Tuesday, September 27, 2016 2:24 PM To: BITS Security Cc: Eric Rescorla ; tls@ietf.org Subject: Re: [TLS] Industry Concerns about TLS 1.3 On Tue, Sep 27, 2016 at 06:07:28PM +0000, BITS Security wrote: > Hi Eric--Thank you for the prompt. > > Our requirements are for th

Re: [TLS] Industry Concerns about TLS 1.3

2016-10-03 Thread BITS Security
ress ranges. Something else important to check on that could undermine this solution. Appreciate it. - Andrew -Original Message- From: Seth David Schoen [mailto:sch...@eff.org] Sent: Tuesday, September 27, 2016 2:30 PM To: BITS Security Cc: tls@ietf.org Subject: Re: [TLS] Industry

Re: [TLS] Industry Concerns about TLS 1.3

2016-10-03 Thread BITS Security
information to provide I am all ears. - Andrew From: Tony Arcieri [mailto:basc...@gmail.com] Sent: Tuesday, September 27, 2016 4:17 PM To: BITS Security Cc: Peter Bowen ; tls@ietf.org Subject: Re: [TLS] Industry Concerns about TLS 1.3 On Mon, Sep 26, 2016 at 12:01 PM, BITS Security

Re: [TLS] Industry Concerns about TLS 1.3

2016-10-05 Thread BITS Security
s the canary in the coalmine... but here we are now at least. - Andrew -Original Message- From: Florian Weimer [mailto:f...@deneb.enyo.de] Sent: Wednesday, October 5, 2016 2:17 PM To: BITS Security Cc: tls@ietf.org Subject: Re: [TLS] Industry Concerns about TLS 1.3 * BITS Sec

Re: [TLS] datacenter TLS decryption as a three-party protocol

2017-07-19 Thread BITS Security
> It seems like we would be rejecting a good opportunity to make what the > network operators want work in a better and more secure way, while making it > harder for passive observers and coercive authorities, to use the same > mechanism for other purposes. What do we gain? beyond a hollow moral