[Security] TLS Certificates Verification

Eric Rescorla ekr at rtfm.com
Tue Aug 19 16:14:54 CDT 2008


On Tue, Aug 19, 2008 at 1:51 PM, Jonathan Schleifer
<js-xmpp-security at webkeks.org> wrote:
> Jonathan Dickinson <jonathanD at k2.com> wrote:
>
>> (compared to making
>> a new standard which would have no implementations).
>
> ESessions *HAS* implementations! That's the point I bring up again and
> again against reinventing the wheel and doing something with TLS now!

There's something truly ironic about someone lobbying for an entirely
new and unanalyzed cryptographic protocol suggesting that using the
most widely implemented crypto protocol in the world would be reinventing
the wheel.

-Ekr


More information about the Security mailing list