Chose not to provide replay protection?! I have to agree with Colm - it doesn't sound good.
Care to justify?

P.S. Care to name (another :) one security-related protocol that doesn't provide replay protection?

Regards,
Uri

Sent from my iPhone

> On May 3, 2017, at 21:42, Colm MacCárthaigh <c...@allcosts.net> wrote:
>
>> On Wed, May 3, 2017 at 6:11 PM, Watson Ladd <watsonbl...@gmail.com> wrote:
>> Historically TLS protected against replay attacks. Now it doesn't. An
>> application that relies on this property which TLS used to guarantee
>> is now broken. Clearly we could have provided it, we just chose not
>> to.
>
> And that choice is insecure. If it's to be kept, I'd suggest renaming the
> protocol.
>
> --
> Colm
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls