> On Oct 25, 2017, at 5:27 PM, Richard Moore <richmoor...@gmail.com> wrote:
>
> I'd say that the recipient domain is actually making a contract that it
> guarantees to continue to provide the possibility of enhanced security. A
> client that enforces STS will enforce that contract. By providing this
> guarantee clients are able to enforce a stronger security assurance since
> they know that the server will do its part. So I'd say your characterisation
> has things backwards.
We can disagree on the mental model, but forwards or backwards, the important thing to remember is that we're trying to raise the ceiling and more often achieve more security, rather than raise the floor and more often fail. While some kind of floor is appropriate, it must not be bleeding edge aggressive.

STS is still opportunistic security (with authentication enabled when the appropriate signalling is seen from the remote peer), and the considerations of RFC7435 still apply.

-- 
Viktor.

_______________________________________________
Uta mailing list
Uta@ietf.org
https://www.ietf.org/mailman/listinfo/uta
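The "ceiling versus floor" distinction in the exchange above is easiest to see as decision logic in a sending MTA. The following is an added example, not code from either poster or from any IETF draft; it assumes that "STS" here means MTA-STS as specified in RFC 8461 (policy file with `version`, `mode`, `mx` and `max_age` fields, `mode` one of `enforce`, `testing` or `none`), and the policy text and host names are constructed for illustration. With no policy the client behaves as RFC 7435 opportunistic TLS (deliver either way, encrypt if offered); with a policy in `enforce` mode the ceiling is raised to authenticated TLS against a matching MX, and only then does a verification failure block delivery.

```python
"""MTA-STS-style delivery decision for a sending client (illustrative, RFC 8461 semantics)."""
from dataclasses import dataclass, field
from typing import List, Optional, Tuple


@dataclass
class Policy:
    mode: str                       # "enforce", "testing" or "none"
    max_age: int                    # seconds the policy may be cached
    mx: List[str] = field(default_factory=list)   # MX patterns, lower-cased


def parse_policy(text: str) -> Policy:
    """Parse the key: value lines of an MTA-STS policy file (constructed input in the test)."""
    fields = {}
    mx_patterns: List[str] = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or ":" not in line:
            continue
        key, _, value = line.partition(":")
        key, value = key.strip().lower(), value.strip()
        if key == "mx":
            mx_patterns.append(value.lower().rstrip("."))
        else:
            fields[key] = value
    if fields.get("version") != "STSv1":
        raise ValueError("unsupported or missing policy version")
    mode = fields.get("mode", "").lower()
    if mode not in ("enforce", "testing", "none"):
        raise ValueError("invalid mode: %r" % mode)
    return Policy(mode=mode, max_age=int(fields.get("max_age", "0")), mx=mx_patterns)


def mx_matches(policy: Policy, mx_host: str) -> bool:
    """True if the MX host name is covered by one of the policy's mx patterns.

    A leading "*." wildcard matches exactly one left-most label, so
    "*.example.com" covers "mail.example.com" but not "example.com"
    or "a.b.example.com".
    """
    host = mx_host.rstrip(".").lower()
    for pattern in policy.mx:
        if pattern.startswith("*."):
            suffix = pattern[1:]            # ".example.com"
            if host.endswith(suffix) and "." not in host[: -len(suffix)]:
                return True
        elif host == pattern:
            return True
    return False


def decide(policy: Optional[Policy], mx_host: str,
           tls_established: bool, cert_verified: bool) -> Tuple[bool, str]:
    """Return (deliver, reason) for a connection to mx_host.

    tls_established / cert_verified describe what STARTTLS actually achieved;
    the policy decides whether a shortfall is tolerated (floor) or refused (ceiling).
    """
    if policy is None or policy.mode == "none":
        # No signalling from the recipient domain: plain opportunistic TLS (RFC 7435).
        return True, "no policy: deliver, TLS used if offered"

    satisfied = tls_established and cert_verified and mx_matches(policy, mx_host)
    if satisfied:
        return True, "policy satisfied: authenticated TLS to a listed MX"
    if policy.mode == "testing":
        # Raised ceiling is measured but not yet enforced: deliver and report the failure.
        return True, "testing mode: deliver anyway, report failure"
    return False, "enforce mode: refuse delivery, try another MX or defer"


if __name__ == "__main__":
    sample = "version: STSv1\nmode: enforce\nmx: mail.example.com\nmx: *.backup.example.com\nmax_age: 604800\n"
    p = parse_policy(sample)
    print(decide(p, "mail.example.com", True, True))
    print(decide(p, "mail.example.com", True, False))
    print(decide(None, "mail.example.com", False, False))
```

The `testing` branch is where the "floor must not be bleeding edge aggressive" point lives: a domain that publishes `mode: testing` gets failure reports without ever losing mail, and only moves to `enforce` once those reports are clean.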