> So-called "Enterprise" infrastructure has delayed the work of this group
> for at least a year. No one of the people creating that mess has reached
> out to this group to explain why they constantly break TLS - let alone
> apologize for it.

> I believe there's a large overlap of the actors breaking TLS with the
> actors who are worried about things like SNI encryption. I'm not sure I
> see any reason not to consider these actors as anything but opposed to
> the work of this group.

I believe that enterprise people have tried over and over again to explain. You may wish to take a serious look at: https://datatracker.ietf.org/doc/draft-fenter-tls-decryption/

I, personally, have tremendous respect for the people in the TLS group. The level of cryptographic expertise as well as the passion / commitment is unparalleled.

I think both "sides" are acting with good intentions - while looking at the world through their own lenses. Enterprises need to be able to do Business As Usual (BAU) while integrating innovation into their networks. I suspect that no one likes middleboxes or "breaking" TLS but it is at least temporarily necessary. You cannot hide your head in the sand and pretend it does not exist. Markets exist for a reason. People do not spend time and money to make presentations (at the TLS group) without having a very good reason to do so.

IMHO, having everything at the end points (or the end-to-end principle) has led to an unsustainable trajectory to expensive and complex network functions and end-points. I have done a rudimentary survey of some of the enterprises I know and they say that much (if not most) of their time is spent in patching applications and end points. This is one reason they cannot look ahead to bigger tasks like migrating to IPv6.

I completely agree that enterprises have not presented the statistics and a carefully reasoned study to substantiate the above claims. I am in the process of taking a step back to see what we need to do - what drafts we need to write and what numbers we need to present - to have a full picture of how Internet protocols are used. Enterprises are a very large group of users of the Internet protocols and need to be considered as such.

Nalini

On Wed, Jul 4, 2018 at 1:54 AM, Hanno Böck <ha...@hboeck.de> wrote:

> So-called "Enterprise" infrastructure has delayed the work of this group
> for at least a year. No one of the people creating that mess has reached
> out to this group to explain why they constantly break TLS - let alone
> apologize for it.
>
> I believe there's a large overlap of the actors breaking TLS with the
> actors who are worried about things like SNI encryption. I'm not sure I
> see any reason not to consider these actors as anything but opposed to
> the work of this group.
>
> --
> Hanno Böck
> https://hboeck.de/
>
> mail/jabber: ha...@hboeck.de
> GPG: FE73757FA60E4E21B937579FA5880072BBB51E42
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls

--
Thanks,
Nalini Elkins
President
Enterprise Data Center Operators
www.e-dco.com