[Cryptography] TLS2

ianG iang at iang.org
Sun Sep 29 03:51:26 EDT 2013


On 28/09/13 20:07 PM, Stephen Farrell wrote:

> b) is TLS1.3 (hopefully) and maybe some extensions for earlier
>     versions of TLS as well


SSL/TLS is a history of fiddling around at the edges.  If there is to be 
any hope, start again.  Remember, we know so much more now.  Call it 
TLS2 if you want.

Start with a completely radical set of requirements.  Then make it so. 
There are a dozen people here who could do it.

Why not do the requirements, then ask for competing proposals?  Choose 
1.  It worked for NIST, and committees didn't work for anyone.

A competition for TLS2 would bring out the best and leave the bureaurats 
fuming and powerless.



iang


More information about the cryptography mailing list