On 10/19/2017 05:30 PM, Darin Pettis wrote:
>
> The question has been raised: "Why address visibility now?" The
> answer is that it is critical that the visibility capability is
> retained. It is available today through the RSA key exchange
> algorithm. We understand that the issue was raised late and have
> fallen on the proverbial sword for being late to the party but the
> issue is real. That is where the "rhrd" draft has come from. A way
> to retain that visibility capability but with a newer and more secure
> protocol.
>

But the "rhrd" draft does not require any changes to the core TLS 1.3 protocol, and in fact I have heard several key participants say that any "visibility" changes must not require changes to the core protocol.

If the "visibility" work will be done via extensions, then there is no ordering requirement for their specification with respect to the core work; there is only an ordering requirement between them and adoption of TLS 1.3 in enterprises.

Do you want to argue that a year timescale is too slow for enterprise adoption of TLS 1.3? If not, I continue to not see a reason to address "visibility" now.

-Ben

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls