Stephen,
It is not false. It is simply largely unknown because of subsequent
IETF related narratives that choose to omit the history. The documents
are available online - although portions remain classified. A request
is pending for their declassification and release. You can find some of
the details in the links in this article.
http://www.circleid.com/posts/20190124_creating_tls_the_pioneering_role_of_ruth_nelson/
Ruth Nelson - who led some of the important components - appeared at
last October's NSA Crypto History Symposium. She filled in some of the
details and the work was recognized by those there. Whit was also there
also there and gave a great presentation. Unfortunately, women in this
field seem not to get the credit they deserve.
--tony
On 2020-03-08 10:56 AM, Stephen Farrell wrote:
On 08/03/2020 14:46, Tony Rutkowski wrote:
TLS is particular has a history going back to 1986 when the platform was
first announced by the USG and the TLS specification was instantiated
initially in the GOSIP standards and then in ITU/ISO standards.
That's false. I've seen it repeated a few times but it
remains false. Mostly, this falsehood seems to be repeated
in tandem with efforts one could interpret as attempts
to create FUD about Internet related security.
TLS started in the IETF as a compromise between Netscape
and Microsoft proposals for how to secure HTTP.
X.509 started as part of X.400, then X.500 and is used by
TLS. Today, I would bet almost all implementers never need
to look beyond RFC5280 for X.509. And I hope it stays that
way until we somehow figure out how to retire X.509.
S.
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
