okay, I have a message for all the people whining about TLS being adapted to TLS 1.2:
-
Show this thread
-
I have been arguing for taking a hard stance on shitty vendors for years. I don't feel I get a whole lot of support.
1 reply 1 retweet 5 likesShow this thread -
we had all the same discussion with version intolerance. TLS wg decided to workaround shitty vendors and not break them.
1 reply 1 retweet 2 likesShow this thread -
there was a situation at IETF in Berlin where it was discussed whether to do that or do the even worse thing, which is fallbacks
1 reply 1 retweet 2 likesShow this thread -
I stood up and said there's another option: Just don't. Break these things and tell vendors they need to fix their shit.
2 replies 2 retweets 9 likesShow this thread -
It was made *very* clear to me that this isn't an option. Nobody stood up to loudly speak in support of me.
1 reply 2 retweets 1 likeShow this thread -
I'm not blaming the people who try to workaround these issues. I understand their perspective and that they have pressure from other sides.
1 reply 1 retweet 2 likesShow this thread -
If you don't like that workarounds for shitty vendors speak up. Join the TLS wg. Talk to your friends at google, mozilla, MS, Apple.
2 replies 14 retweets 14 likesShow this thread
Unfortunately what happens is that wacky special interests (enterprise MITM companies) are the ones who speak up for commercial advantage.
-
-
Replying to @RichFelker @hanno
And ppl who just want TLS to do its job and keep everyone safe don't realize there are malicious parties trying to undermine it for profit.
0 replies 1 retweet 1 likeThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.