Hiya,

On 07/07/17 22:12, Russ Housley wrote:
> Stephen:
>
>> You didn't refer to 2804 and the standards track. As an author do
>> you really think this can be on the standards track and yet not
>> obsolete 2804?
>
> Yes.

We disagree.

> Section 3 of RFC 2804 offers a pretty clear definition of
> wiretapping, and that is not what is going on here. In this
> situation, all of the parties are part of the same organization,
> under common key management.

That is one possible deployment. There is nothing in this
proposal that limits its use to that.

> The server must explicitly accept and
> use the centrally managed (EC)DH key, so that party is completely
> aware and, in fact, enabling the other parties to decrypt the
> traffic.

Yes, and the server could equally be compelled to do that,
in which case this technology would clearly be a standard
form of wiretapping. Claiming that is not the case would
be incredible so I have no idea how you maintain that this
isn't in conflict with 2804.

S.

>
> Russ
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls