[145413] in cryptography@c2.net mail archive
Re: A mighty fortress is our PKI
daemon@ATHENA.MIT.EDU (Nicolas Williams)
Tue Jul 27 19:38:57 2010
Date: Tue, 27 Jul 2010 17:01:18 -0500
From: Nicolas Williams <Nicolas.Williams@oracle.com>
To: Ben Laurie <ben@links.org>
Cc: Peter Gutmann <pgut001@cs.auckland.ac.nz>, cryptography@metzdowd.com,
paul.tiemann.usenet@gmail.com
In-Reply-To: <4C4F479B.8070606@links.org>
On Tue, Jul 27, 2010 at 09:54:51PM +0100, Ben Laurie wrote:
> On 27/07/2010 15:11, Peter Gutmann wrote:
> > The intent with posting it to the list was to get input from a collection of
> > crypto-savvy people on what could be done. The issue had previously been
> > discussed on a (very small) private list, and one of the members suggested I
> > post it to the cryptography list to get more input from people. The follow-up
> > message (the "Part II" one) is in a similar vein, a summary of a problem and
> > then some starters for a discussion on what the issues might be.
>
> Haven't we already decided what to do: SNI?
But isn't that the problem, that "SNI had to be added therefore it isn't
everywhere therefore site operators don't trust its presence therefore
SNI is irrelevant"?
Do we have any information as to which browsers in significant current
use don't support SNI? Hopefully at some point site operators could
declare that browsers that don't support SNI will not be supported.
Nico
--
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
