> > > - > Nalini, why don't you (the consortium) define the standard, then? > > > > > Indeed, if a “TLS13-visibility” standard has to be defined, it would > make sense for the consortium (rather than the TLS WG) to define it. > > > > I completely disagree. Here is why I would not prefer that route: > > > > 1. Multiple standards are likely to diverge. > > > Take the case of India, we have over 700 dialects. Many of them started > with the same root language. It has gotten so villages 10 miles apart > cannot talk to each other. We use English (a clearly non-native language!) > to communicate. > > > I could see the same happening with TLS and Consortium-TLS. Not a happy > thought for interoperability. >
>Why is there any need for interoperability between TLS and Consortium-TLS? TLS is designed to be secure and reliable, and it's clear that Consortium-TLS finds such goals problematic. Yet I fail to see why that's a problem, since the claimed goal >is that Consortium-TLS would only be used within a single enterprise/datacenter, and thus would never need to interoperate with a world that valued security and privacy. Enterprises value security and privacy. They have a different job to do. What they are trying to do is to protect against leakage of data, do fraud monitoring, protect against malware and many other things. When this gets into the medical arena, it can even be lives. I don't even see how you can say what you are saying. Let me ask you then, what are the use cases you find to be valid? Saying that enterprises don't value security and privacy is really not terribly useful to resolving any discussion. Nalini On Wed, Mar 14, 2018 at 4:07 PM, Ryan Sleevi <ryan-ietf...@sleevi.com> wrote: > > > On Wed, Mar 14, 2018 at 6:52 PM, nalini elkins <nalini.elk...@e-dco.com> > wrote: > >> >> All, >> >> In London now & back on email: >> >> >> - >> Nalini, why don't you (the consortium) define the standard, then? >> >> >> >> > Indeed, if a “TLS13-visibility” standard has to be defined, it would >> make sense for the consortium (rather than the TLS WG) to define it. >> >> >> >> I completely disagree. Here is why I would not prefer that route: >> >> >> >> 1. Multiple standards are likely to diverge. >> >> >> Take the case of India, we have over 700 dialects. Many of them started >> with the same root language. It has gotten so villages 10 miles apart >> cannot talk to each other. We use English (a clearly non-native language!) >> to communicate. >> >> >> I could see the same happening with TLS and Consortium-TLS. Not a happy >> thought for interoperability. >> > > Why is there any need for interoperability between TLS and Consortium-TLS? > TLS is designed to be secure and reliable, and it's clear that > Consortium-TLS finds such goals problematic. Yet I fail to see why that's a > problem, since the claimed goal is that Consortium-TLS would only be used > within a single enterprise/datacenter, and thus would never need to > interoperate with a world that valued security and privacy. > -- Thanks, Nalini Elkins President Enterprise Data Center Operators www.e-dco.com
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
