[Cryptography] IPsec DH parameters, other flaws
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Fri Jul 3 10:55:47 EDT 2020
Thierry Moreau <thierry.moreau at connotech.com> writes:
>I presume the TLS 1.3 design addresses the requirements for heavy server side
>loads (connection setups and overall encrypted data throughput), the ultimate
>end-to-end security being subordinated to server side efficiency.
Yes. Like HTTP/2, the design goal for TLS 1.3 was to make pushing out web
content to clients as easy and efficient as possible, even if it meant
sacrificing security or functionality for things other than pushing out web
content efficiently in the process. Look at the hacks around ~0RTT and
session tickets, for example.
Peter.
More information about the cryptography
mailing list