- From: Stephen Satchell <satchell@accutek.com>
- Date: Thu, 6 Feb 1997 06:25:01 -0700
- To: dpkemp@missi.ncsc.mil (David P. Kemp), ietf-tls@w3.org, ssl-talk@netscape.com

At 9:33 AM 2/5/97, David P. Kemp wrote:
>There are 3 alternatives, only two of which have been discussed so far:
>
> * dedicate (and reserve through IANA) a separate port for every
>   protocol that might benefit from TLS protection
> * use the normal port for each protocol, and negotiate security options
>   (including TLS) from the application using something like SASL
> * define a one-byte TCP option which would allow the negotiation of
>   a security protocol (e.g. TLS) during the TCP handshake.

Time for this lurker to speak up.

There is a fourth alternative, and one which may be painful in the short term but beneficial in the long term. That is to define a mechanism to define session-layer and presentation-layer protocols for applications that allows for (almost) seamless integration of things like SSL/TLS, host-to-host compression, and other enhancements to existing applications.

At least this should be explored. If I knew more about existing practice (and if my day job didn't steal so much of the night) I'd come up with some proposals. Maybe this is a good research project for a grad student to look at.

---
Stephen Satchell, Satchell Evaluations
http://www.accutek.com/~satchell for contact info
Opinions expressed are my own PERSONAL opinions.

Received on Thursday, 6 February 1997 09:24:56 UTC