* I think you're mixing things up a bit. That’s quite possible.
* I'm comparing draft-rhrd to draft-green. The wireshark option requires storage of n keys to inspect n connections, both draft-rhrd and draft-green only require a single master key to inspect n connections. Draft-green requires limited use of ECDH keys, so that they can be sent to the third party. Draft-rhrd allows limited use, but does not require it. It allows a great deal of flexibility, from one key for days, to one key for each session. Right? We can’t control what a server will do, and we never could. No matter how much we jump up and down and say “don’t give away the keys unless you see the RHRD extension” we’ll never know. An unforceable rule is a very bad rule and shouldn’t be a rule. Draft-green is much more intellectually honest, and doesn’t provide the cleartext signal. * Your rejection of the cleartext signal expresses implies a preference for draft-green over draft-rhrd, not a preference for the wireshark option over draft-rhrd. Without draft-rhrd, it's likely that draft-green gets implemented whether it's standardized or not and no client will be able to opt out or even know that it's happening. Yes; I am surprised that’s being questioned, but after this note it should be obvious to all. In fact, I think it was before Matt’s proposal that I stood at the mic and said we should treat it like prohibition: “this is grape juice, but if you do this… and this… and this… it will become wine. That’s illegal so don’t do that.” * Users won't have any option, or any knowledge that servers are using a master key to protect the confidentiality of their connection and that their security may be lessened because of it They still don’t. We might all like to think that they do, but with or without either draft, there is no way to ensure anything about the server’s behavior beyond the bits it sends on the wire. It was always so, and hoping that some text will make it more than this is a disservice to the end users.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
