[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [TLS] Comments on TLS identity protection
I agree with many of Eric's comments.
TLS can already hide the client certificates, but this mechanism
is not widely used. This draft proposes an optimization to the
hiding mechanism that requires a smaller number of roundtrips and
less computation.
However, it seems that the reasons why the existing feature is
not used have nothing to do with poor performance. And if the
existing mechanism doesn't have a performance problem, optimizing
it would be premature (and thus "root of all evil" :-).
Best regards,
Pasi
_______________________________________________
TLS mailing list
TLS@xxxxxxxxxxxxxx
https://www1.ietf.org/mailman/listinfo/tls