On Mon, Apr 4, 2016 at 9:39 PM, Peter Gutmann <pgut...@cs.auckland.ac.nz> wrote: > Because they have neither a DNS name nor a fixed IP address. I ran into this > just last week with a customer, they couldn't use certs for their embedded > devices and couldn't use PSK because the browser vendors have chosen not to > support it. As a result, they abandoned the use of TLS altogether and went > with SSH.
Ideas for supporting this case (i.e. the "I want to do HTTPS to my router" problem) in browsers have done the rounds a few times. The reason that nothing has happened is that it's a lot of work to do it right and it's unclear that we would be able to get a useful mass of devices supporting such a scheme. The mostly likely outcome seems to be that we would end up with a complex addition that's rarely used and thus doesn't justify the cost. Cheers AGL -- Adam Langley a...@imperialviolet.org https://www.imperialviolet.org _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
