"Masataka" == Masataka Ohta
<mohta(_at_)necom830(_dot_)hpcl(_dot_)titech(_dot_)ac(_dot_)jp> writes:
Masataka> Keith Moore wrote:
>>> Also from the draft: "At least for the strong security
>>> requirement of BCP 61 [RFC3365], the Security Area, with the
>>> support of the IESG, has insisted that all specifications
>>> include at least one mandatory-to-implement strong security
>>> mechanism to guarantee universal interoperability."
>>>
>>> I do not think this is a factual statement, at least when it
>>> comes to HTTP, which is where my interest lies.
>> note that it is not necessary to have at least one
>> mandatory-to-implement strong security mechanism to guarantee
Masataka> What, do you mean, strong security?
Masataka> Given that CAs of PKI can be compromised as easily as
Masataka> ISPs of the Internet, PKI is merely weakly secure as
Masataka> weakly as the plain Internet.
I'd consider DH a fine strong security mechanism in a number of cases.
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf