On 01/11/17 14:18, Salz, Rich wrote:
> In https://www.ietf.org/mail-archive/web/tls/current/msg24789.html,
> Nick Sullivan concluded:
>
>> - on the other hand using draft-rhrd is safer than allowing
>> organizations to hack single-key escrow into TLS 1.3 or continue to
>> use TLS 1.2 with non-forward-secret cipher suites
>
> I think this sets up a false comparison. Existing TLS 1.3 debugging
> systems – Wireshark – can debug individual TLS sessions with the
> session key information being made available. This is what the RHRD
> draft would require an organization to do, but it adds the additional
> signaling that the client is willing to allow it. The Wireshark
> example shows that the signaling is not needed. Servers can
> unilaterally do it now.
>
> I maintain that the cleartext signal serves no useful purpose,
> except to provide a mechanism for entities to segregate traffic.

I agree. I'd also like to point out that that in no way implies that
the absence of the visible signal is any better. As we saw with
draft-green, it was not.

S.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls