On 19 Jul 2017, at 20:29, Watson Ladd wrote:

> Now it turns out that the requirements on solutions came from
> organizational issues you never told us about.

The organizational issues have been described previously, both on the
list and in the meetings; and the technical issues are quite separate
from the organizational ones. The one isn't the cause of the other.
In many cases, the organizational issues do not exist, yet the technical
ones remain.

There is a serious technical issue here; the only reason the
organizational issues were even mentioned was to provide context.

> I still don't see a response to how you determine unauthorized access
> happened without being the authority on what access is authorized.

It's possible to have the relevant access policy information to hand
without being the authority oneself.

> Apparently exporting the PMS from clients and servers isn't possible:
> I find that hard to believe.

It isn't practical from a performance or a network architecture
perspective.

> Let's standardize an extension that exports an encrypted EMS and be
> done with this debate.

That does not meet the technical requirements.

There's some quite useful and constructive discussion of possible
approaches taking place - I'm observing it with interest.

-----------------------------------
Roland Dobbins <rdobb...@arbor.net>
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls