> I didn’t say easy, I said ‘easier’
>
Can you explain how it is easier?
There’s no way to limit it to the use-case it was putatively intended for. We
now have a signaling mechanism that says “allow interception.” Firewalls can
drop connections where the client doesn’t send that extension. Therefore they
can force only tappable TLS traffic. This makes the job easier.
I take it you want to see this draft adopted?
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
