Hello,

I have just become aware of this draft and I believe there might be a good 
cautionary addition I would like to propose:

Specifically, I am worried that with further encouragement to standardize this 
format, it will become a convenient way to surveil unsuspecting end users. All 
this requires is "some" access to the system; for many implementations this 
includes setting an environment variable. What an attacker gains is then 
something more reliable, machine-readable (and in many cases useful) than a 
simple keylogger.

The problem here (in my opinion) is the word "unsuspecting". I would like to 
see an addition to the draft along the following lines:

> A TLS application interacting with an end-user (e.g. a browser) MUST clearly 
> communicate any requests to log TLS secrets to the user and MUST NOT indicate 
> a secure connection.

Otherwise, this draft looks fine to me.
Thanks for your efforts,

Thomas

-- 

```
M.Sc. Thomas Bellebaum
Applied Privacy Technologies
Fraunhofer Institute for Applied and Integrated Security AISEC

Lichtenbergstraße 11, 85748 Garching near Munich (Germany)
Tel. +49 89 32299 86 1039
thomas.belleb...@aisec.fraunhofer.de
https://www.aisec.fraunhofer.de

```

_______________________________________________
TLS mailing list -- tls@ietf.org