Hi Rich,

Good that you inform the TLS WG. I was planning to do that but forgot. Ericsson is likely to provide the comments in the link below. We think it is good that NIST is doing this project, visibility is a problem, but our position is that reuse of key shares is not an acceptable solution.

https://github.com/emanjon/Publications/blob/main/Ericsson%20comments%20on%20NIST%20SP%201800-37A%20May%2013.pdf

Cheers,
John

From: TLS <tls-boun...@ietf.org> on behalf of Salz, Rich <rsalz=40akamai....@dmarc.ietf.org>
Date: Tuesday, 16 May 2023 at 13:19
To: tls@ietf.org <tls@ietf.org>
Subject: [TLS] NIST Draft comments period: Addressing Visibility Challenges with TLS 1.3

Public comment period open until June 26. Quoting from https://content.govdelivery.com/accounts/USNIST/bulletins/359534b

This project builds on our earlier work, “https://www.nccoe.nist.gov/tls-server-certificate-management,” which showed organizations how to centrally monitor and manage their TLS certificates. We are now focusing on protocol enhancements such as TLS 1.3 which have helped organizations boost performance and address security concerns. These same enhancements have also reduced enterprise visibility into internal traffic flows within the organizations' environment. This project aims to change that--and has two main objectives:

• Provide security and IT professionals practical approaches and tools to help them gain more visibility into the information being exchanged on their organizations’ servers.
• Help users fully adopt TLS 1.3 in their private data centers and in hybrid cloud environments—while maintaining regulatory compliance, security, and operations.

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls