Re: Basis for disagreement



On Fri, 25 Jul 1997, Tim Dierks wrote:
> I think a significant part of our basic problem is the answers to these two
> questions:
>   1) Is complete interoperability in basic conflict with security?
>   2) Which should be more important?
> 
> I believe the answers are:
>   1) Yes.
>   2) Security.


I believe the answers are:

1) No.  A site is always free to deploy whatever security policy they
wish.  If the site buys client/server products from different vendors or
communicates with external sites there is no guarantee for more security
than the mandatory cipher suites. If there is no mandatory cipher suite,
sites in this latter category are forced to use plaintext or go through a
lot of trouble to co-ordinate cipher suites supported by clients, servers
and all external sites they communicate with. 

2) Interoperability.  On the grounds that if two computers can't
communicate it doesn't matter what security options they have at either
end.