
TLS 1.3 in enterprise networks - tambourine_man
https://www.cs.uic.edu/~s/musings/tls13-enterprises/
======
tptacek
The ( _much_ ) better link on this story is Checkoway's:

[https://www.cs.uic.edu/~s/musings/tls13-enterprises/](https://www.cs.uic.edu/~s/musings/tls13-enterprises/)

Fun facts:

* The proposed "wiretapping modification" of TLS 1.3 doesn't really modify the TLS protocol in any way that a proprietary implementation couldn't already do. This is in stark contrast to the banks' original demand for TLS 1.3, of retaining the RSA handshake, which actually does change the protocol.

* The author of the "wiretapping" proposal is Matthew Green.

* Steve Checkoway was one of Matthew Green's students, before Chicago captured him. :)

I think Checkoway's post is pretty level-headed. I think Tim Bray's post is
less so.

~~~
dang
Ok, changed to that from
[https://www.tbray.org/ongoing/When/201x/2017/07/24/TLS-1-3-W...](https://www.tbray.org/ongoing/When/201x/2017/07/24/TLS-1-3-Wiretapping).
Thanks!

Edit: actually this looks like a dupe of
[https://news.ycombinator.com/item?id=14832517](https://news.ycombinator.com/item?id=14832517).

------
ivanbakel
The concern is valid, but the way the author expresses it is totally paranoid.
It is not "easy" to insert a "wiretap" into TLS - as the technical article,
which reached the FP as well yesterday, explains, nothing the WG is discussing
isn't already possible in TLS 1.2. If you're scared of a wiretap, it's already
happening. Nothing is being _introduced_.

~~~
tptacek
That's not totally true. We generally want enterprises on TLS 1.3 rather than
TLS 1.2; TLS 1.3 has a safer, more modern design. Further, _enterprises_ want
to be on 1.3.

It's also not a legitimate IETF goal to prevent network operators from
monitoring their own networks. Of course, it's not a legitimate goal to ensure
they can monitor their networks in any particular way.

It's not an especially simple debate.

~~~
userbinator
I can also say that, as a _personal_ user of filtering proxies[1], I'd want to
have TLS 1.3 support too.

[1]
[https://en.wikipedia.org/wiki/Proxomitron](https://en.wikipedia.org/wiki/Proxomitron)

------
mobilio
No, no. Please no static DH!
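To make the "static DH" that the thread is arguing about concrete, here is an added worked example that is not from any commenter, using a toy DH group and a stand-in key schedule (both constructed, not TLS's real parameters). It shows that a party holding a server's reused DH private key recomputes traffic keys from the public shares alone, that a fresh server key per connection defeats this, and how a client or network monitor can flag a server that repeats its key_share.

```python
import hashlib
import secrets
from collections import defaultdict
# Toy finite-field DH group, constructed for illustration only; real TLS 1.3
# uses X25519 or RFC 7919 groups, but the escrow argument is identical.
P = (1 << 127) - 1  # a Mersenne prime, far too small for real use
G = 3

def keypair(priv=None):
    """Return (private, public) with public = G^private mod P."""
    priv = priv if priv is not None else secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)

def traffic_key(shared, transcript):
    """Stand-in for the TLS 1.3 key schedule (constructed, not the real HKDF)."""
    return hashlib.sha256(shared.to_bytes(16, "big") + transcript).hexdigest()

def handshake(server_priv=None, client_priv=None):
    """One (EC)DHE-style handshake. Reusing the same server_priv on every call
    is the 'static DH' variant; None draws a fresh server key per connection."""
    c_priv, c_pub = keypair(client_priv)
    s_priv, s_pub = keypair(server_priv)
    transcript = c_pub.to_bytes(16, "big") + s_pub.to_bytes(16, "big")
    key = traffic_key(pow(s_pub, c_priv, P), transcript)
    assert key == traffic_key(pow(c_pub, s_priv, P), transcript)  # both sides agree
    return {"client_share": c_pub, "server_share": s_pub, "key": key}  # shares are on the wire

def escrow_recover(observed, escrowed_server_priv):
    """A third party holding the server's DH private key recomputes the traffic
    key from nothing but the two public shares seen on the wire."""
    transcript = b"".join(v.to_bytes(16, "big") for v in (observed["client_share"], observed["server_share"]))
    return traffic_key(pow(observed["client_share"], escrowed_server_priv, P), transcript)

def servers_reusing_shares(observations):
    """Defensive check for a client or monitor: a server whose key_share repeats
    across separate handshakes is doing static DH and has no forward secrecy."""
    count, shares = defaultdict(int), defaultdict(set)
    for name, obs in observations:
        count[name] += 1
        shares[name].add(obs["server_share"])
    return sorted(n for n in count if count[n] > 1 and len(shares[n]) == 1)

if __name__ == "__main__":
    static_priv = 0x1F2E3D4C5B6A7988  # escrowed long-term key (constructed)
    runs = [("static.example", handshake(static_priv)) for _ in range(3)]
    runs += [("ephemeral.example", handshake()) for _ in range(3)]
    for name, obs in (runs[0], runs[3]):
        print(name, "key recovered with escrowed key:", escrow_recover(obs, static_priv) == obs["key"])
    print("servers repeating key_share:", servers_reusing_shares(runs))
```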

