I think there's no way the connection can be established if the third party in control of the network does not allow that.
My only goal here is to leave fewer possibilities to set the eavesdropping silently.

Regards,
Uri

Sent from my iPhone

> On Jul 23, 2017, at 10:33, Ted Lemon <mel...@fugue.com> wrote:
>
> I did a little bit of rubber-duck debugging on this proposal with Andrea on
> the way back from Boston this morning. It's actually better for the server
> to secretly use a static key than to negotiate. Stephen has already
> explained why: if this is a negotiation, then it's possible for a third party
> to simply block any negotiation that doesn't allow it. We have no control
> over evil endpoints, and it's silly to pretend otherwise. Pretending
> otherwise makes us less secure, not more secure.
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls