ietf-openpgp

Re: [ietf-tls] Re: Fw: using openpgp with tls

2002-01-17 21:12:01

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

History shows that is not actually true. For instance, TLS is almost
identical to SSL. Why is this? Is it because "implementation
experience" showed that SSL was simply the One True Way to write a
transport security protocol? No. It's because there was a large SSL
installed base of which the TLS designers wanted to take advantage,
and thus the more identical the protocol was the more it would be
accepted.

- From an implementation experience point of view, I would say that the
last four years have demonstrated the cipher suite space issue is not
an issue, and the "we're going to run out of space" argument is the
only one made to defend this negotiation proposal which depends on an
extension proposal. Time has demonstrated that particular sky is not
going to fall, and thus in the absence of any method in the standard
to specify certificate type the cipher suite field remains the
correct place to put this.


Eric Rescorla wrote:
Implementation experience is an important factor. The existence of
implementations which were written pre-Proposed and which would be
broken by a new specification isn't. If you want to argue that your
implementation experience indicates that this is the right approach
and some other approach is wrong, go ahead. I don't see you arguing
that. Rather, I see you arguing that you (and presumably others)
have implemented a specific approach and would be inconvenienced by
any other approach, regardless of its technical merits. That's not
the basis on which the IETF is supposed to make decisions.


- -- Will

Will Price, Director of Engineering
PGP Security, Inc.
a division of Network Associates, Inc.


-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1.1

iQA/AwUBPEegfqy7FkvPc+xMEQLzTgCgwo11ZaRZPQxI0Kw7vuEVGnJCIQYAoKqk
0a78Fe7qhgTOT+EqZlvBruk2
=Lurc
-----END PGP SIGNATURE-----
