On Tue, Jun 09, 2020 at 08:57:00AM +1200, Brian E Carpenter wrote: > On 09-Jun-20 07:02, Nico Williams wrote: > > On Mon, Jun 08, 2020 at 11:23:09AM -0700, Michael Thomas wrote: > >> ssl had the advantage that it 1) beat ipsec to market, and 2) wasn't subject > >> to API differences from OS layer calls like IPsec was, and with quite a bit > >> of churn as i recall too. it's really too bad, imo. we wouldn't have had to > >> do the contortions of dtls, for example. and now there's this problem. none > >> of them are earth shattering, but it would have been cleaner. > > > > You can sprinkle TLS anywhere you have an octet stream. You can > > sprinkle DTLS anywhere you have datagram flows. > > Unless someone says "multicast". That's a whole different ball of wax.
