On 28/02/2025 10:47, John Mattsson wrote:
> I think it is an interesting idea to use the KEYLOG format to help debugging of other security protocols. I think easy debugging helps deployment of security protocols. I think each protocol should have its own registry. The registries could be listed under the same IANA KEYLOGFILE name space. The file should have some info on which protocol it contains keys for.

I think the above is an awfully bad plan.

Step0: we have this existing deployed thing we want to document.
Step1: hey can I add ECH to that?
Step2: let's allow a DE to extend the set of keys we exfiltrate
Step3: let's do the same for more protocols
Step4: I need to centralise all those key logs
Step5: We have a standard for cross-protocol LI

We've seen how quickly we've gone from step 0 to now people arguing for step 3. Let's not go there.

Cheers,
S.

TLS mailing list -- tls@ietf.org