> On Sep 30, 2020, at 08:51, Watson Ladd <watsonbl...@gmail.com> wrote:
>
> Recommended N doesn't stop people from using PSK when appropriate if
> other constraints make it the most appropriate choice.

It does, because this "stop" occurs on a business level, not the technical... Realm of advertisement, claimed security and compliance, etc. Where a business manager is afraid to scare potential customers away by implementing/selling something "not recommended", because even if he himself managed to read the doc to the end and understand what that's about, he cannot trust all the customers to do so... Plus the potential legal cases when a customer who was cyber-hit sues the manufacturer because he "did something against recommendations"...

That's not your favorite Ivory tower, and not a peer-reviewed academic publication/conference.

Now, since it's a rough morning and I feel grumpy - let me be blunt, and say that IMHO this whole "recommend" idea sounds *stupid*. Recommended by who and for who? WT... do the "recommenders" know about the spectrum of use cases? Based on the above exchange - not a lot.

If you want to "recommend" for the Web browsers (which seems a fairly safe niche to pontificate) - say so explicitly, and enjoy. Otherwise - ....

>
>>
>> In discussions in the IETF I notice for some the IoT computing world starts
>> with Cortex A-class devices, as they are found in Raspberry Pis, tablets and
>> phones. Those are high performance processors where crypto is lightning
>> fast. But don't forget the other family of processors, of which there are
>> probably more than 80 billion out in the wild already.
>>
>> Ciao
>> Hannes
>>
>> -----Original Message-----
>> From: TLS <tls-boun...@ietf.org> On Behalf Of Watson Ladd
>> Sent: Wednesday, September 30, 2020 2:29 AM
>> To: Blumenthal, Uri - 0553 - MITLL <u...@ll.mit.edu>
>> Cc: tls@ietf.org
>> Subject: Re: [TLS] The future of external PSK in TLS 1.3
>>
>>> On Tue, Sep 29, 2020 at 12:49 PM Blumenthal, Uri - 0553 - MITLL
>>> <u...@ll.mit.edu> wrote:
>>>
>>> I share Achim's concerns.
>>>
>>> But I believe the explanations will turn out mostly useless in the real
>>> world, as the "lawyers" of the industry are guaranteed to steer away from
>>> something "not recommended".
>>>
>>> In one word: bad.
>>
>> Why is PSK so necessary? There are very few devices that can't handle the
>> occasional ECC operation. The key management and forward secrecy issues
>> with TLS-PSK are real. Steering applications that can afford the CPU away
>> from PSK and toward hybrid modes is a good thing and why this registry
>> exists imho.
>>
>>
>> --
>> Astra mortemque praestare gradatim
>>
>> _______________________________________________
>> TLS mailing list
>> TLS@ietf.org
>> https://www.ietf.org/mailman/listinfo/tls
>> IMPORTANT NOTICE: The contents of this email and any attachments are
>> confidential and may also be privileged. If you are not the intended
>> recipient, please notify the sender immediately and do not disclose the
>> contents to any other person, use it for any purpose, or store or copy the
>> information in any medium. Thank you.
>
>
>
> --
> Astra mortemque praestare gradatim