On Jul 17, 2017, at 15:59, Carl Mehner <c...@cem.me<mailto:c...@cem.me>> wrote:
the only way that this draft would help you with malware analyzing) This statement is factually incorrect. It’s not the only way, as I've just explained. Again, why are you trying to pretend that the use of this technique is not prevalent nor important in the security context, when it is in fact quite prevalent & important, & has been for many years? And why are you unable to understand that that in the case of an additional layer of attacker-generated crypto nestled within a TLS tunnel, as you posited, that the ability to simply detect the presence of such an additional layer of unexpected crypto, even without the ability to immediately decrypt it, has substantial value in a security context? Are you unfamiliar with the concept of traffic analysis, in the crypto sense of the term? ----------------------------------- Roland Dobbins <rdobb...@arbor.net<mailto:rdobb...@arbor.net>>
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
