Re: Mandatory encryption *is* theater


On Aug 25, 2013, at 12:02 PM, Eliot Lear <lear@cisco.com>
 wrote:
> 
>> There is new information; there are widespread deployments of sniffers. More
>> details have since been released. As Chair, Mark felt that this was enough to
>> re-open the discussion.
> 
> Anonymous cypher suites might well have changed the character of this problem, but probably not have reduced it, and may have introduced unintended consequences.   They still may help with the so-called "Starbucks" problem, but to me that problem is better dealt with at a lower layer so that ALL communications on that network can be protected.  I also believe that the underlying issues of the above quoted statement lie elsewhere (about 3  to 4 layers above HTTP). 

(Opportunistic) IPsec?

Received on Sunday, 25 August 2013 09:58:31 UTC