> On Dec 13, 2020, at 1:54 PM, Eric Rescorla <ekr@xxxxxxxx> wrote: > > My position is that modern practice is to design protocols that have encryption > (this is strongly encouraged by RFC 7258 and also is just what we're doing) > and this document neither (a) engages with that nor (b) provides particularly > helpful guidance for encrypted protoco +1 I don’t like the idea of over-specification to provide partial privacy or security. If we want or expect that, encryption is required, not these methods. These only make implementations that properly employ security needlessly complex. Joe -- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
