On Thu, Jul 20, 2017 at 12:44 AM, Salz, Rich <rs...@akamai.com> wrote:

> It’s like saying “all browsers that support TLS support wiretapping
> because of the static RSA key exchange.”
>
> It’s a little disingenuous


It sure is! And hyperbolic, but that's the term that people keep applying,
so it's clarifying to use it consistently whenever we talk about this.

While I'm at it, I can't make sense of:

"Using the RSA key to decrypt traffic to your server is wire-tapping."
"Using the RSA key to impersonate and MITM your server isn't wire-tapping."

We'll still support the latter, which is much worse than the former :( I
can't see how offering something /between/ the two, more secure than the
latter, isn't a net improvement on where we'll be with TLS1.3.

-- 
Colm