On 25/10/17 17:11, Ackermann, Michael wrote:
> And if this is not a feature that everyone wants, then so be it.
> But at least it was an attempt by a small number of people to try to
> find common ground and make any form of progress.

I do not accept that there is an onus on IETF participants to acquiesce to bad ideas in the name of finding common ground. The IETF is not that kind of SDO (at least I hope not). When a thing is a sufficiently bad idea, then it is not a good plan to try meet it half-way. That is the case with the basic idea here. So, sorry, no - compromise is not a goal.

OTOH, investigating non-damaging means of meeting data centre requirements that do not involve TLS is an entirely fine thing to do IMO. (Though maybe not the oft-quoted but *never* so far substantiated claims related to PCI;-). I would encourage you and others to go do that. If that calls for the development of a new multi-party security protocol that can be used in such environments, that is also just fine and could have other interesting uses. One could also do work to try make it easier for sites to evolve towards use of (closer to, but not, perfect) forward secrecy.

But breaking TLS is very different to both and is not fine.

S.

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls