Hiya,
On 28/09/2021 17:53, Salz, Rich wrote:
This will be of interest to some on this list. Quoting: “The NCCoE at NIST recognizes the challenges associated with compliance, operations, and security when enterprises employ encrypted protocols, in particular Transport Layer Security (TLS) 1.3, in their data centers. This project will use commercially available technologies to demonstrate a range of approaches for enabling necessaryintra-enterprise access to unencrypted/decrypted information.
I'm glad I'm not a tax payer in a jurisdiction that's encouraging people to weaken the security properties this WG has tried hard to improve. I wonder do other parts of NIST sponsor work like that - it'd be a bit like [1] producing specs on how to get your thumb on the scales;-) From my perspective this kind of thing also makes it harder to figure out what overall evaluation to associate with the agency that produced AES, dual-ec, this stuff, and presumably some PQ alg "winners" in the near future. Quite the mixed bag that. Cheers, S. [1] https://www.nist.gov/pml/weights-and-measures
More at https://www.nccoe.nist.gov/projects/building-blocks/applied-cryptography/addressing-visibility-challenges-tls-13 including how to participate._______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
OpenPGP_0x5AB2FAF17B172BEA.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
