Salz, Rich wrote:
>Can you explain why TLS 1.2 isn't good enough for your needs? 

I think it's bad to force industries requiring visibility to use TLS 1.2 unless 
it is for a limited time. TLS 1.2 is obsolete. I think the TLS WG should not 
spend any more time on TLS 1.2.

I personally do not object to the registrations as such. I object to the draft 
stating that sacrificing confidentiality has latency, cost, power, processing, 
and code size benefits. There seems to be consensus in the TLS WG that this is 
most often not the case. The discussions with the authors seem to lead nowhere. 
I think the draft needs to remove everything regarding benefits. In fact, I 
think the draft could be very short:

"There are use cases requiring visibility. This memo defines cipher suites 
without confidentiality for such use cases. This breaks the TLS 1.3 security 
property "Protection of endpoint identities" and is NOT RECOMMENDED."

That said, I think NULL encryption is a VERY BAD solution to the visibility 
problem. If visibility is needed, draft-rhrd-tls-tls13-visibility is clearly 
better.

The TLS WG might also need to discuss when the Appendix E security properties 
apply. Both draft-camwinget-tls-ts13-macciphersuites and 
draft-ietf-tls-external-psk-guidance break some of the security properties. 
Maybe this is ok as long as it is NOT RECOMMENDED?

Cheers,
John

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls