On Wed, Jul 30, 2014 at 10:22:22AM -0700, Martin Thomson wrote: > On 30 July 2014 08:54, Stephen Kent <kent@xxxxxxx> wrote: > > I would say: > > "OS strives to greatly broaden the use of encryption in IETF protocols, > > to combat PM. To facilitate incremental deployment, OS operates in > > a fashion that may result in a plaintext connection/session." > > That's a good description of OE, but wasn't the whole point of using > OS as the term to cover other opportunistic mechanisms, like maybe > opportunistic authentication (which I just invented, but I hope is > self-explanatory). Since opportunistic security subsumes opportunistic unauthenticated encryption (where applicable), the proposed text is technically sound. What remains to determine is to what extent the point is already covered, and the exact language or location in the document to update. Yes, opportunistic security also subsumes designs with "opportunistic authentication", such as proposed in the DANE SMTP draft, which specifies "opportunistic DANE TLS" for SMTP. I hope that other OS protocols will indeed find a way to do "opportunistic authentication" whenever possible and not just be limited to unauthenticated encryption. OS is a "golf umbrella" term... :-) -- Viktor.