Hiya,
On 04/04/2024 09:53, Andrea Vesco wrote:
I-D: https://datatracker.ietf.org/doc/draft-vesco-vcauthtls/
From figure 2 it looks as if use of this mechanism would have bad privacy properties as the DLT would end up knowing which clients accessed which servers at what times. That's v. similar to the problems caused by clients checking OCSP. On that basis, I'd consider this a bad idea that ought not be pursued, and certainly not by the TLS WG. Or, am I wrong about the privacy issue here? Thanks, S.
OpenPGP_0xE4D8E9F997A833DD.asc
Description: OpenPGP public key
OpenPGP_signature.asc
Description: OpenPGP digital signature
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
