1. If staying with TLS 1.2 indefinitely was considered acceptable, would we even be having these discussions?
DAMMIT. Stop saying indefinitely. What percentage of hosts within your enterprise use TLS 1.2 as the preferred protocol? 1. Modifying Server, application and logging infrastructure is a huge, expensive proposition, that executive management would not be receptive to at all. Not to mention the logistics to follow if they were. And this is probably the main point behind all this. Folks want to make the entire Internet less secure (I’ve explained why) so that they can save time and money. But even if that were not the issue, do you think this draft won’t require custom work?
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
