> I think we should abandon this effort and not publish. > > When initially proposed this was supposed to be documenting a > deployed reality. I could just about hold my nose with that, > but adding in ECH (for which key exfiltration is not currently > deployed, nor seemingly needed) and the IANA considerations make > this much more unacceptable. > > While I expected to be in the rough for the initial proposal I > do hope others find this as unacceptable as I do and we don't > publish. > > Including ECH here is IMO not necessary - there is no history > of needing that for debugging purposes so adding it based on > speculation is IMO wrong and a fatal error. > > This is now extensible (via IANA specification required) which > is a problem as that means anyone can likely define new ways > to exfiltrate secrets from TLS implementations without any WG > overview. That IMO is another fatal error. > > Less importantly, but still substantively, the draft does not, > but should, recommend that this feature only be available via > conditional compilation (where available) and not be part of > any standard library or other release. If publishing, we should > be aiming for the strongest possible implementation guidance > in that respect. > > Thanks, > S.
It seems to me that there are multiple concerns about the real-world (rather than just technical) implications of this specification. Might I suggest polling for opinions regarding the concerns at the IRTF working groups concerned with affected real-world implications? Concretely, according to their RG charters: - HRPC aims "To expose the relation between protocols and human rights, with a focus on the rights to freedom of expression and freedom of assembly." - Similarly, PEARG aims to "understand the privacy implications in a wider context", although this may refer mainly to the specific privacy enhancing technologies intended by the RG members. Best, TBB -- ``` M.Sc. Thomas Bellebaum Applied Privacy Technologies Fraunhofer Institute for Applied and Integrated Security AISEC Lichtenbergstraße 11, 85748 Garching near Munich (Germany) Tel. +49 89 32299 86 1039 thomas.belleb...@aisec.fraunhofer.de https://www.aisec.fraunhofer.de ```
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ TLS mailing list -- tls@ietf.org To unsubscribe send an email to tls-le...@ietf.org
