[TLS] Re: Ketan Talaulikar's No Objection on draft-ietf-tls-tls12-frozen-07: (with COMMENT)

Tue, 10 Jun 2025 05:39:48 -0700 

Hi Peter
Hi Eric,

let me start, that my experience with "non web TLS" questions
here in the list isn't that good, but that's not only for a
year or half. I also don't want to blame someone. Community
approaches usually require a lot of "volunteers", and that's
much easier, if there is also a huge user base.

If we use shodan.io and search for:

protocols | hits
----------+------------
http      | 494,416,751
https     |  25,094,459
amqp      |     808,842
mqtt      |     451,617
coap      |     267,177

tls       |   3,909,386
dtls      |         207

we get already an impression about that.

If we then see, that the approach of the TLS group to get more
quality (security) naturally takes more resources, then this
will change in the future even more towards the web only domain.

I guess other use-case will simply "fork their security" and do
something as OSCORE or other approaches (e.g. AFAIK MQTT-SN
started to consider alternative approaches for DTLS at least 1.5
years ago). In my opinion, these alternatives will not provide the
same security, but they may be more viable, when the user- and
expert-base isn't that huge.

> we just need to sit back and wait a bit.

We will see.

br
Achim

Am 10.06.25 um 11:29 schrieb Peter Gutmann:

Eric Rescorla <e...@rtfm.com> writes:


in order to feed your particular hobby horse.


Because someone has to keep pointing out that the TLS WG for some years now
hasn't been representative of TLS use in general but mostly just TLS for the
web.  This shouldn't be too hard to demonstrate, could folks on the list who
work in embedded, SCADA, industrial control, device-based TLS (not really sure
how to classify the set, that's a bit of a handwave) who have also posted to
the list at least once in the last six months, a very low barrier, please
identify themselves?  A head count shouldn't be hard to do, we just need to
sit back and wait a bit.

Peter.
_______________________________________________
TLS mailing list -- tls@ietf.org
To unsubscribe send an email to tls-le...@ietf.org


_______________________________________________
TLS mailing list -- tls@ietf.org
To unsubscribe send an email to tls-le...@ietf.org

Reply via email to