<div dir="ltr"><div dir="ltr"><div class="gmail_default" style="font-size:small">On Mon, Aug 12, 2024 at 1:11 PM Kent Borg <<a href="mailto:kentborg@borg.org">kentborg@borg.org</a>> wrote:<br></div></div><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><u></u>
<div>
<div>On 8/12/24 05:25, Peter Gutmann wrote:<br>
</div>
<blockquote type="cite">
<pre>There's also a tendency for protocol designers / standards committees to
design mechanisms to try and address every imaginary issue everyone on the
standards committee could ever dream up, including a great many that don't
actually exist.</pre>
</blockquote>
<p>Ah, committees. Paper is cheap. Even cheaper now that mostly no
one ever prints anything.<br>
</p>
<p><br>
</p>
<p>If only there were someone with some common sense and visibility
and cryptography credentials to lead an effort to define a
"TLSsimple" standard. (Mostly a job of just deleting stuff,
right?)<br>
</p>
<p>And then get some Rust folk to implement a solid version of it, I
hear there is funding for such things. It could be small enough to
run in fairly restricted embedded devices, even</p></div></blockquote><div><div class="gmail_default" style="font-size:small">I don't think TLSsimple is what we need. What we really need is a protocol to do secure Web Services in which each transaction is individually and discretely authenticated so that injection attacks are defeated. Web Services are poorly served by TLS security and make almost no use of HTTP. So go straight to a HTTPS alternative designed for Web Services - which is what I have written.<br></div><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_default" style="font-size:small">Now unfortunately, it will get a bit more complex in the next week or so because I am going to have to add in PQC security, well because nobody is going to switch to a next gen PKI unless it is PQC.</div><br></div><div><br></div><div><br></div><div><br></div><div> </div></div></div>