Thank you for sharing, Rich! I must express my profound disappointment regarding the project's failure to publish received comments even after 8 months (to the best of my knowledge). It's concerning that while the project's status indicates "Soliciting Comments," it has proceeded to publish another specification. This not only questions the validity of the project but also reflects very poorly on NIST. Is the project merely a marketing ploy for the collaborating vendors?
I want to emphasize that this critique is not directed at the entirety of NIST. I think the cryptography division of NIST is doing a good job of transparency and openness, and I have often defended their practices in online forums. GSMA and 3GPP have engaged in discussions regarding TLS visibility, reaching a consensus that encryption with ephemeral key exchange is imperative. Any visibility requirements must be addressed within the endpoints themselves. Furthermore, the telecom industry has initiated talks on standardizing virtual taps within endpoints. It is crucial that any visibility measures are authenticated, and the scope of accessible data is minimized. Cheers, John Preuß Mattsson From: TLS <tls-boun...@ietf.org> on behalf of Salz, Rich <rsalz=40akamai....@dmarc.ietf.org> Date: Wednesday, 31 January 2024 at 16:22 To: tls@ietf.org <tls@ietf.org> Subject: [TLS] NIST: Addressing Visibility Challenges with TLS 1.3 within the Enterprise Some may find this useful. “The National Cybersecurity Center of Excellence (NCCoE) invites you to s<https://www.nccoe.nist.gov/addressing-visibility-challenges-tls-13>hare your feedback<https://www.nccoe.nist.gov/addressing-visibility-challenges-tls-13> on preliminary draft Special Publication 1800-37, Addressing Visibility Challenges with TLS 1.3 within the Enterprise<https://www.nccoe.nist.gov/addressing-visibility-challenges-tls-13>. The public comment period is open now until April 1, 2024. “ https://content.govdelivery.com/accounts/USNIST/bulletins/380cbe4
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
