Hiya, On 21/03/2019 13:46, Eric Rescorla wrote: > In addition, the innherent escrow capability that you describe in Section 7 > is a way in which IBC systems are materially worse than PKI systems in a > way we don't know how to ameliorate (as opposed to CT).
I agree with Ekr here. I'd go further and argue that applications really need to be aware that somewhere there's a key generator who knows all private keys and that it'd be too dangerous for that kind of difference to be hidden inside a TLS library. > For these reasons, I don't think this WG should adopt this work, though > the process allows you to have a code point without adoption. +1 Cheers, S.
0x5AB2FAF17B172BEA.asc
Description: application/pgp-keys
signature.asc
Description: OpenPGP digital signature
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
