On Sat, Jul 8, 2017 at 9:27 AM, Watson Ladd <watsonbl...@gmail.com> wrote:
>
> > They also don’t want to install TLS proxies all over the place. That’s a
> > large extra expense for them.
>
> Nginx exists. What's the blocker?
Here's how these networks work today:

* Key servers are configured to use RSA KX, no DH.
* In some cases, all outbound (e.g. internet) connectivity is also proxied via such a server. Clients are made to trust a private CA for this purpose.
* All data is not necessarily logged or stored somewhere, and almost certainly not in the plain, as that would increase overall risk.
* Admins use port-mirrors and tools like tcpdump to investigate/scan suspicious flows from time to time, or as part of a targeted investigation. Occasionally it might also be used for debugging. The RSA keys can be used to render the connections plain on demand.
* That doesn't mean that the RSA private keys are readily available; they are often very tightly controlled.

Migrating to proxies would:

* Be a very big operational change. Gotta get nginx on all of the boxes; is that even possible?
* Completely change the access mechanisms, invalidate almost all of the operational controls.
* Probably more than double the basic compute costs associated with encryption.
* Create more sensitive environments where plaintext is floating around.

That doesn't mean that these vendors/operators are owed a solution, or an easy-to-insert more-or-less-compatible-with-today mechanism. But it does help assess whether they are really likely to adopt TLS1.3 to begin with.

-- 
Colm
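As an added illustration of the distinction Colm's mail turns on (a constructed example, not code from the thread or from any product it describes): with RSA key exchange the client sends the pre-master secret encrypted to the server's long-term RSA key, so whoever holds that key can recover any session from a port-mirror capture after the fact; with (EC)DHE the RSA key only signs the server's ephemeral share, and the exponents are thrown away. The RSA and DH below are assumptions made to keep the model in the Python standard library (textbook, unpadded, random 512-bit moduli rather than named groups, no ServerKeyExchange signature); the PRF and master-secret derivation follow RFC 5246 sections 5 and 8.1.

```python
"""Why a stored RSA private key decrypts captured RSA-KX sessions but not
DHE ones.  Constructed example: toy RSA/DH, real TLS 1.2 PRF."""
import hashlib
import hmac
import os
import random


def is_probable_prime(n, rounds=32):
    """Miller-Rabin test, used only to build demo keys."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits):
    while True:
        cand = random.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand


def rsa_keygen(bits=512):
    """Textbook RSA key pair ((n, e), (n, d)): the 'tightly controlled' key."""
    e = 65537
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:
            return (p * q, e), (p * q, pow(e, -1, phi))


def p_sha256(secret, seed, length):
    """P_SHA256 data expansion, RFC 5246 section 5."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()          # A(i)
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def master_secret(pre_master, client_random, server_random):
    """RFC 5246 section 8.1: PRF(pre_master, "master secret", randoms)[0..47]."""
    return p_sha256(pre_master, b"master secret" + client_random + server_random, 48)


def rsa_kx_session(server_pub):
    """TLS 1.2 RSA key exchange.  Returns (master secret, what the mirror port sees)."""
    n, e = server_pub
    client_random, server_random = os.urandom(32), os.urandom(32)
    pre_master = os.urandom(48)                          # chosen by the client alone
    encrypted_pms = pow(int.from_bytes(pre_master, "big"), e, n)  # ClientKeyExchange body
    capture = {"kx": "RSA", "client_random": client_random,
               "server_random": server_random, "encrypted_pms": encrypted_pms}
    return master_secret(pre_master, client_random, server_random), capture


def dhe_session(dh_prime, g=2):
    """TLS 1.2 DHE (toy group, unsigned).  Both exponents die with the handshake."""
    client_random, server_random = os.urandom(32), os.urandom(32)
    x, y = random.randrange(2, dh_prime - 1), random.randrange(2, dh_prime - 1)
    server_share, client_share = pow(g, x, dh_prime), pow(g, y, dh_prime)
    shared = pow(client_share, x, dh_prime)              # == pow(server_share, y, p)
    pre_master = shared.to_bytes((dh_prime.bit_length() + 7) // 8, "big")
    capture = {"kx": "DHE", "client_random": client_random, "server_random": server_random,
               "p": dh_prime, "g": g, "server_share": server_share, "client_share": client_share}
    del x, y, shared                                     # never leave the endpoints
    return master_secret(pre_master, client_random, server_random), capture


def recover_from_capture(capture, server_priv):
    """What an admin holding the server's RSA private key gets from a tcpdump capture:
    the master secret for RSA KX, None for DHE (nothing there is encrypted to that key)."""
    if capture["kx"] != "RSA":
        return None
    n, d = server_priv
    pre_master = pow(capture["encrypted_pms"], d, n).to_bytes(48, "big")
    return master_secret(pre_master, capture["client_random"], capture["server_random"])


def demo():
    pub, priv = rsa_keygen()
    ms_rsa, cap_rsa = rsa_kx_session(pub)
    _ms_dhe, cap_dhe = dhe_session(random_prime(512))
    return recover_from_capture(cap_rsa, priv) == ms_rsa, recover_from_capture(cap_dhe, priv)


if __name__ == "__main__":
    print(demo())  # (True, None)
```

Run directly it prints `(True, None)`: the RSA capture yields exactly the master secret the endpoints derived, while the DHE capture yields nothing even though the same private key is in hand. That gap is what the on-demand tcpdump workflow above depends on, and it is why a protocol that drops static RSA key exchange, as TLS 1.3 does, forces the move to proxies or to a different mechanism.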
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls