On 7/7/2017 2:54 PM, Russ Housley wrote: > Stephen: > ... >> And also: I'm sorry to have to say it, but I consider that >> attempted weasel wording around the clear intent of 2804. The >> clear and real effect if your wiretapping proposal were standardised >> by the IETF would be that we'd be standardising ways in which >> TLS servers can be compelled into breaking TLS - it'd be a standard >> wiretapping API that'd be insisted upon in many places and would >> mean significantly degrading TLS (only *the* most important >> security protocol we maintain) and the community's perception >> of the IETF. It's all a shockingly bad idea. > I clearly disagree. Otherwise, I would not have put any work into the draft. Russ,
What are the specific mechanisms that would allow this technique to be used where you intend it, i.e. within a data center, and not where Stephen fears it would be, i.e., on the broad Internet? For example, what mechanism could a client use to guarantee that this sort of "static DH" intercept could NOT be used against them? -- Christian Huitema _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
