On 19/07/17 14:09, Benjamin Kaduk wrote:
> As Stephen noted in his presentation, a lot of the proposals for passive
> decryption can be seen as trying to turn TLS from a two-party protocol
> into a three-party protocol. Which is probably the right way to think
> about it, even when all (three) parties are within the same
> administrative domain.
>
> Stephen also said something about it being hard to shoehorn a
> three-party protocol into the API for a two-party protocol. But
> depending on the specifics, maybe it's not so bad. For example, if the
> only semantics you need are a new API for "this is the list of third
> parties I authorize to wiretap this connection", the scope seems fairly
> limited.
I would question the size of the set of applications for which the
semantics of such a list/interface could make sense. For example, asking
a person if they're OK with some random IPv6 address spying on a TLS
session makes zero sense.

Cheers,
S.

> Another thought spawned from today's session is that, given concerns
> about preventing/noticing if schemes intended for the datacenter leak
> out onto the internet, it's not really clear that "minimizes changes to
> the wire protocol" should be considered a benefit of proposals in this
> space. If there are clear changes to the wire protocol, that makes it
> easy to detect when the scheme is in use.
>
> -Ben
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls