Hi Ted, Martin, At 02:07 AM 12-11-2018, Ted Hardie wrote:
The IETF security ADs provided feedback to ETSI on this ETSI work last year and ETSI responded in liaison statement CYBER(17)011006r1. The IAB generally agreed with the IETF security Area Directors' analysis.
Thanks. At 02:20 AM 12-11-2018, Martin Thomson wrote:
ETSI seem to have ignored the request regarding the name (this is called eTLS, the last one was called mcTLS). They have also changed to a different design, specifically the one in draft-green-tls-static-dh-in-tls13. That design is considerably simpler than mcTLS, but it's a design that was abandoned even by its proponents for several good reasons (lack of forward security and lack of transparency being the ones I remember offhand).
I took a quick look at the "TLS for the enterprise" specification. The per-session forward secrecy was removed to allow for "operational visibility".
Regards, S. Moonesamy
