
Industry Concerns about TLS 1.3 - m0nastic
https://www.ietf.org/mail-archive/web/tls/current/msg21275.html
======
runesoerensen
Good response [https://www.ietf.org/mail-archive/web/tls/current/msg21278.html](https://www.ietf.org/mail-archive/web/tls/current/msg21278.html)

~~~
pitaj
That's amazing.

------
wolf550e
So banks want to continue not supporting PFS. Banks can afford to log the
private ECDHE key of every connection to decrypt all captured packets at a
later date.

------
aorth
Wow. My message to the banks: We are trying to build a more secure internet.
Update your servers, libraries, etc. every few years like the rest of us.
You're not special. It's hard for all of us.

------
ddp
The changes in TLS 1.3 are long overdue. There are some of us who argued
vociferously to not include some of those bad ciphers but we were overruled,
probably by the same cabal that decided to remove IPsec from
mandatory-to-implement for IPv6.

