On 28 August 2015 at 11:33, Viktor Dukhovni <ietf-d...@dukhovni.org> wrote:
> On the other hand, it allows servers to detect that a
> client is not planning to authenticate the server, which has forensic
> value, and can be used to grant appropriately restricted access.

I think that these are potentially useful properties, but I don't think that we need to use the cipher suite signaling to get that information. What if you could (for example) include a signal at the application layer: "oh, by the way, I didn't authenticate you"? Or you could have an extension that said up front that you don't intend to check. Those are superior in the sense that they allow for all the benefits of ekr's proposal, without losing the properties you care about.