Hiya, Just on this one thing...
On 07/07/16 09:13, Nikos Mavrogiannopoulos wrote: > does not make the situation any worse > than we have today. I don't accept that is the correct goal. That form of argument is what lead to us standardising the HTTP Forwarded header field, which IMO was a disimprovement. (An argument I lost in the end in that case [1], but 'twas close, and back in 2012 so might go the other way today;-) I would argue that the correct goal is to make things better whenever possible, with that being especially important for protocols like (D)TLS on which many other things depend. I do agree that any scheme developed would need to meet the state management requirements of servers. I'm not convinced those requirements call for a new super-cookie though:-) S. [1] https://datatracker.ietf.org/doc/rfc7239/ballot/
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
