I don't believe the WG should adopt this as it goes against rfc2804 and encourages bad behaviour. We ought not be helping to normalise broken crypto. I'm happy to repeat that at the mic in Prague but would be even happier if this draft were not discussed there - these attempts to weaken security have IMO already taken up too much time and too many cycles.
S. On 07/07/17 08:02, Matthew Green wrote: > The need for enterprise datacenters to access TLS 1.3 plaintext for > security and operational requirements has been under discussion since > shortly before the Seoul IETF meeting. This draft provides current thinking > about the way to facilitate plain text access based on the use of static > (EC)DH keys on the servers. These keys have a lifetime; they get replaced > on a regular schedule. A key manager in the datacenter generates and > distributes these keys. The Asymmetric Key Package [RFC5958] format is > used to transfer and load the keys wherever they are authorized for use. > > We have asked for a few minutes to talk about this draft in the TLS WG > session at the upcoming Prague IETF. Please take a look so we can have a > productive discussion. Of course, we're eager to start that discussion on > the mail list in advance of the meeting. > > The draft can be found here: > > https://tools.ietf.org/html/draft-green-tls-static-dh-in-tls13-01 > > Thanks for your attention, > Matt, Ralph, Paul, Steve, and Russ > > > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls >
signature.asc
Description: OpenPGP digital signature
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
