> Isn’t the most obvious issue that more than one party has the private
> keys?

This is inaccurate. Trust Expressions does not define or propose any form
of key escrow, nor are there any changes to which parties control the
private keys of a connection. I encourage you (and others!) to read the
drafts, or at minimum, read the supporting documentation.

https://github.com/davidben/tls-trust-expressions

On Fri, Jul 19, 2024 at 10:06 PM Rob Sayre <say...@gmail.com> wrote:

> Isn’t the most obvious issue that more than one party has the private
> keys?
>
> thanks,
> Rob
>
> On Fri, Jul 19, 2024 at 18:29 Devon O'Brien <asymmetric=40google....@dmarc.ietf.org> wrote:
>
>> Hi all, We’ve added a document that attempts to summarize, and offer an
>> initial analysis of, several of the scenarios that have been raised in
>> on-list discussions related to the possibilities that Trust Expressions (or
>> more broadly, Trust Anchor Negotiation) could be used to enable
>> surveillance, or to make surveillance easier to achieve than with existing
>> solutions.
>>
>> We’ve been adding to this document for some time, and while there is
>> overlap with the documents that Dennis has recently shared, it is not a
>> response to them, as it was nearly complete by the time they were posted.
>> Our goal is for this analysis to be complete and accurate, so we will
>> incorporate additional scenarios, arguments, and analysis over time based
>> on the ensuing discussion.
>>
>>
>> https://github.com/davidben/tls-trust-expressions/blob/main/surveillance-and-trust-anchor-negotiation.md
>>
>> As with any of the other documents in the repository, we encourage you to
>> ask on list, or file a GitHub issue if you feel we have missed something or
>> that our analysis is incorrect.
>>
>> We look forward to the WG's comments and hope to see those coming to
>> Vancouver next week.
>>
>> - Devon, Bob, David
>> _______________________________________________
>> TLS mailing list -- tls@ietf.org
>> To unsubscribe send an email to tls-le...@ietf.org
>>