On Oct 23, 2017, at 12:22 PM, Ackermann, Michael <mackerm...@bcbsm.com> wrote: > My question back to you was WHAT SIMPLIER PROTOCOL?
This is what I actually wrote, in the message before the one Kathleen sent: > What they require is visibility into contents of the flow that they are using > encryption to protect. Right now, the protocol they are using is TLS 1.1 or > TLS 1.2. The right thing for them to do if they continue to need this > visibility and are no longer permitted to use TLS 1.2 is to use IPsec+IKE, or > some protocol that is designed for this use case, not to take a protocol > designed specifically for securing flows from on-path eavesdropping and > create a mode where it is easier to wiretap.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
