---- Original Message ----- From: "Pete Resnick" <[email protected]> To: "Orit Levin (LCA)" <[email protected]> Cc: "t.p." <[email protected]>; <[email protected]> Sent: Thursday, October 09, 2014 10:33 PM > On 10/9/14 3:40 PM, Orit Levin (LCA) wrote: > >> Orit said > >> "We have the "Opportunistic TLS" topic as one of the UTA potential > >> deliverables, so we welcome the interested parties to write a separate > >> draft on the subject ..... " > >> > > On Jan 17, the charter was mapped to a list of proposed deliverable. Please, see the WG archive for the corresponding thread. One of the identified deliverables is: > > 4. A document discussing (and potentially defining) how to apply the opportunistic encryption approach (preliminary outlined in draft-farrelll-mpls-opportunistic-encrypt-00.txt) to TLS. (Category TBD) > > > > > >> Well, no. The charter does not mention opportunistic, so again, we lack > >> a definition, or at least a link between whichever part of the charter > >> people have in mind and the term "Opportunistic TLS". > >> > > That's probably a statement for the ADs to address... Pete, could you, please, chime in and clarify (again) what the intention of the Charter language is and how it corresponds to the "Opportunistic ..." concept? > > > > From the UTA Charter: > > "- Consider, and possibly define, a standard way for an application client and server to use unauthenticated encryption through TLS when server and/or client authentication cannot be achieved." > > > > Orit has it exactly correct: What people are now referring to as > "opportunistic TLS" is what the charter refers to as "unauthenticated > encryption through TLS". That was the IESG's intention when the charter > was approved. > > It is up to the WG whether this document will additionally discuss the > issue of doing authentication in an opportunistic manner. > > I think references to the Opportunistic Security draft are perfectly > reasonable.
Pete Thanks for the clarification. Tom Petch > (And just to be clear: One of the primary reasons that the term > "opportunistic encryption" was not chosen for the title of the O-S > document is because the term "opportunistic encryption" was already used > by RFC 4322 in an incompatible way. Claims that it is "yet to be > defined" are simply mistaken.) > > pr > > -- > Pete Resnick<http://www.qualcomm.com/~presnick/> > Qualcomm Technologies, Inc. - +1 (858)651-4478 > > _______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
