On Tue, Dec 10, 2013 at 7:31 AM, Jari Arkko <jari.arkko@xxxxxxxxx> wrote:
Perhaps it might be easier to discuss this if we all recognised that it is a question of tradeoffs. (But as Phillip correctly noted, the world changes, perceptions changes, new information comes available, and today's tradeoffs may be different from yesterdays.)
> Au contraire. I like security. I recognise the need for security, and am glad it exists.
>
> I'm just not a big fan of people who demand security where it is not needed, and who prioritise security above all other aspects of protocol design, which are dismissed as unimportant and are neglected as a result.
What else do we really need to do?
I don't see reducing the load time of a HTTP page by a few milliseconds to be a higher priority, though the browser providers have always disagreed with me on that.
The real tradeoff comes in implementation quality. Most IETF security protocols have been considered to be checklist items. They are features that are supported only to the extent necessary to claim support. So Windows and Mac both support IPSEC VPN but the native implementation has a rubbish user interface.
Website: http://hallambaker.com/