On Thu, 20 Aug 2020 09:58:58 -0400 Roelof DuToit <r@nerd.ninja> wrote:
> As co-author I am not a proponent of passive TLS inspection - not
> least because of the ossification implications. It cannot be labeled
> as ineffective though (see further comments below), even if the
> document strongly hints at not using passive TLS inspection in a
> post-TLS-1.2 world.

Mostly I endorse Ekr's comment that a document like this should actually spell out any convolutions and conditions necessary to the effective use of passive inspection. I would try to find time to examine a revised document that did this. But I do want to address one such in particular now:

> 1. Policy-based control over the use of RSA key exchange. It should
> not be allowed.

Qualys estimates that when TLS 1.3 was finalised RSA was required for about 5.7% of web sites (it had been larger previously). That's a pretty huge caveat.

The same document we're discussing, draft-ietf-opsec-ns-impact-02, actually several times relies upon RSA key exchange (in section 5.3) for methods it says will now be impacted by TLS 1.3 because that doesn't allow RSA key exchange. As written there's no problem, but it seems to me that if you add a condition saying to disallow RSA key exchange in section 5.1, this has the effect of implicitly rebuking this approach from section 5.3. That would be a little bit silly in a single document but it's even sillier when you recall that actually products in this space straddle both categories.

Nick.

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
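As an added illustration, not part of the thread or of the draft, of what a "policy-based control over the use of RSA key exchange" amounts to on the wire: an auditor that reads a ServerHello record, extracts the negotiated cipher suite and flags static RSA key exchange (the only case passive decryption with the server key covers, and the case TLS 1.3 removes). The byte layout follows the TLS 1.2 ServerHello; the cipher suite subset and the `build_server_hello` helper that constructs sample records are assumptions of this example.

```python
import struct

# Subset of IANA cipher suite IDs, grouped by key exchange (assumption:
# only these are classified; anything else is reported as "unknown").
# Static-RSA suites are the ones passive decryption with the server's
# private key depends on; ephemeral suites provide forward secrecy.
STATIC_RSA = {0x002F, 0x0035, 0x009C, 0x009D}          # TLS_RSA_WITH_*
EPHEMERAL = {0xC02B, 0xC02F, 0xC030,                  # TLS_ECDHE_*
             0x1301, 0x1302, 0x1303}                  # TLS 1.3 suites


def build_server_hello(suite: int, session_id: bytes = b"") -> bytes:
    """Construct a minimal TLS 1.2-style ServerHello record (sample input only)."""
    hello = (b"\x03\x03" + b"\x00" * 32 + bytes([len(session_id)]) + session_id
             + struct.pack(">H", suite) + b"\x00")       # version, random, sid, suite, compression
    handshake = b"\x02" + len(hello).to_bytes(3, "big") + hello   # HandshakeType.server_hello
    return b"\x16\x03\x03" + struct.pack(">H", len(handshake)) + handshake


def negotiated_suite(record: bytes) -> int:
    """Return the cipher suite from a ServerHello record; ValueError if malformed."""
    if len(record) < 5 or record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    rec_len = struct.unpack(">H", record[3:5])[0]
    body = record[5:5 + rec_len]
    if len(body) != rec_len or not body or body[0] != 0x02:
        raise ValueError("truncated record or not a ServerHello")
    hello = body[4:4 + int.from_bytes(body[1:4], "big")]
    if len(hello) < 35:
        raise ValueError("truncated ServerHello")
    off = 35 + hello[34]                  # skip version(2), random(32), session_id
    if len(hello) < off + 2:
        raise ValueError("truncated ServerHello")
    return struct.unpack(">H", hello[off:off + 2])[0]


def key_exchange(suite: int) -> str:
    if suite in STATIC_RSA:
        return "static-rsa"
    if suite in EPHEMERAL:
        return "ephemeral"
    return "unknown"


def audit(record: bytes) -> str:
    """Classify one ServerHello; "static-rsa" means passively decryptable."""
    return key_exchange(negotiated_suite(record))


if __name__ == "__main__":
    for suite in (0x002F, 0xC02F, 0x1301):
        print(hex(suite), audit(build_server_hello(suite, b"\x01\x02")))
```

A deployment enforcing the draft's condition would alert on, or refuse, any "static-rsa" result from its own servers' handshakes.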