On Jul 23, 2017, at 9:01 PM, Blumenthal, Uri - 0553 - MITLL <u...@ll.mit.edu> wrote: > What I am trying to avoid is the ability to *surreptitiously* subvert a > protocol that’s assumed to be secure.
You don't seem to be hearing what I'm trying to say. What you are proposing is physically impossible. It is always possible to surreptitiously subvert the protocol. This is not an achievable goal. What you get if you implement what you are proposing is a protocol that's easier for an on-path attacker to subvert, not a protocol that is harder for an end-point attacker to subvert.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
