On Tue, Aug 05, 2014 at 06:14:19PM +0000, Viktor Dukhovni wrote:
On Tue, Aug 05, 2014 at 11:43:02AM -0400, Stephen Kent wrote:
The bottom line is that a primary
motivation for OS is a desire to remove barriers to the use of encryption,
More strongly:
* Yes at least encrypt when possible, but more generally,
* Avoid needlessly weak options, and finally,
* Strive for stronger security than just unauthenticated encryption,
with any peer for which this is possible.
Yes.
To be more specific OS must not preclude things like DANE that can be
opportunistic and provide strong authentication.
It's worth mentioning DNSSEC/DANE because a lot of concerns I've seen
stated about OS (indeed, that I myself have stated) go away when one
considers the use of DNSSEC for learning how to authenticate a service.
(Or, perhaps, such concerns get transmutated into concerns about the
lack of compromised/adversarial parent zone MITM detection in DNSSEC.)
Do no forget that during the saag discussion that preceded this
draft, this was one of the main differences between our views, and
that I do not subscribe to the view that opportunistic security is
a narrow response to PM or that it should be limited to promoting
just unauthenticated encryption.
More than that: why should OS stop there?
and removing the need for authentication based on certificates is a good way
to do this.
Not "removing", rather "not requiring". We lower the floor,
but not the ceiling of the range of acceptable protections.
More +1.
And, really, +1 to the rest of Viktor's response.
Nico
--