On 12/12/2015 04:29 AM, Bryan A Ford wrote:
> ---
> OK, congratulations and thanks to anyone who persisted through all that.
> I hope this will help understand the implementation complexity and
> tradeoffs both of the currently-specified TLS 1.3 record layer and the
> proposed headerless records features. Comments?
>
This makes me less uneasy than the previous proposals did. As a general note, a protocol having two (or more) options for how to express a given piece of information leads to more cases to test, and has caused interoperability and/or security problems in the past. No comment from me yet as to whether the tradeoff is acceptable in this case.

But, my general sentiment remains one that I did not get to express in the previous thread (I was travelling and it had become somewhat stale): will attempting to add this to TLS 1.3 incur unacceptable delay for wide-scale deployment? TLS 1.3 has a lot of really nice things in it, that we would like to get to users as soon as safely possible. There is the TRON workshop scheduled, etc., indicating that if all goes well, the spec could be final in the next 6 months. Is the added value of this scheme worth another month of delay before TLS 1.3 ships to users while we argue about it? Another six months?

-Ben