I don't understand this proposal at all. You absolutely can build in wiretapping capabilities into TLS server implementations without any help from the TLS protocol.
(E.g., your servers could send a multicast UDP datagram for each session/connection, bearing metadata and master keys encrypted to a logging facility's public key, or in a logging session key. If UDP be insufficiently reliable for your needs, then use TCP. Yes, there's overhead in this, but it's minimal, and you already need fast logging facilities anyways.) Changing the TLS protocol to aid in wiretapping risks introducing vulnerabilities in the protocol.

Nico

-- 
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
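The out-of-band export the post describes, as an added example that is not Nico's code nor anything from the TLS working group: a server seals one session record to the logging facility's X25519 public key (ephemeral ECDH plus AES-256-GCM), and only the holder of the facility's private key can open it, all without touching TLS itself. It assumes the facility key pair already exists and its public half is distributed to servers, uses a plain SHA-256 KDF chosen for the example, and leaves the record layout and transport (UDP or TCP) to the deployment.

```go
package main
import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// aeadFor runs X25519 between one side's private key and the other's public key and derives an AES-256-GCM
// key as SHA-256(shared || ephPub || facilityPub); that KDF is an assumption for this example, not a standard.
func aeadFor(own *ecdh.PrivateKey, peer *ecdh.PublicKey, ephPub, facilityPub []byte) (cipher.AEAD, error) {
	shared, err := own.ECDH(peer)
	if err != nil {
		return nil, err
	}
	key := sha256.Sum256(bytes.Join([][]byte{shared, ephPub, facilityPub}, nil))
	block, _ := aes.NewCipher(key[:]) // a 32-byte key cannot fail
	return cipher.NewGCM(block)
}

// SealRecord is the server side: one session record (e.g. client random + master secret) is encrypted to the
// facility's long-term public key; datagram = ephPub || ciphertext. The AES key is fresh per record, so a
// fixed nonce is safe, and ephPub is bound as associated data so it cannot be swapped unnoticed.
func SealRecord(facilityPub *ecdh.PublicKey, record []byte) ([]byte, error) {
	eph, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	ephPub := eph.PublicKey().Bytes()
	gcm, err := aeadFor(eph, facilityPub, ephPub, facilityPub.Bytes())
	if err != nil {
		return nil, err
	}
	return append(ephPub, gcm.Seal(nil, make([]byte, gcm.NonceSize()), record, ephPub)...), nil
}

// OpenRecord is the facility side: only its private key recovers the record, and GCM rejects any tampering.
func OpenRecord(facilityPriv *ecdh.PrivateKey, datagram []byte) ([]byte, error) {
	if len(datagram) < 32 {
		return nil, errors.New("datagram too short")
	}
	ephPub, _ := ecdh.X25519().NewPublicKey(datagram[:32]) // cannot fail: only the length is validated
	gcm, err := aeadFor(facilityPriv, ephPub, datagram[:32], facilityPriv.PublicKey().Bytes())
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, make([]byte, gcm.NonceSize()), datagram[32:], datagram[:32])
}
```

A real deployment would also authenticate the sending server (sign the datagram or run it over an authenticated channel), since the facility otherwise accepts records from anyone holding its public key.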