[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [TLS] Comments on TLS identity protection
badra@xxxxxxxx wrote:
> does no one care about his server consuming amounts of CPU to do,
> among others, two sets of crypto-computations for nothing?
If the extra computations occur only in very rare situations,
it's perfectly reasonable not to care about it (at least
sufficiently to spend the $$$ for designing, implementing,
testing, deploying, etc. a new mechanism).
> Many mechanisms can be designed to add client privacy to TLS, but
> the question arises: which one is more efficient and preferment?
My point was that we *already* have one mechanism for client privacy
in TLS. Thus IMHO the right question to ask is *NOT* which one is
more efficient and preferred, but rather is the existing mechanism
so bad that we should spend effort in adding *another* one?
> Haven't many documents been originally approved for easy
> deployment and optimization reasons?
I think deployment-wise, double handshake has the advantage that
it's already specified and implemented.
Best regards,
Pasi
_______________________________________________
TLS mailing list
TLS@xxxxxxxxxxxxxx
https://www1.ietf.org/mailman/listinfo/tls