okay, I have a message for all the people whining about TLS being adapted to TLS 1.2:
-
Show this thread
-
I have been arguing for taking a hard stance on shitty vendors for years. I don't feel I get a whole lot of support.
1 reply 1 retweet 5 likesShow this thread -
we had all the same discussion with version intolerance. TLS wg decided to workaround shitty vendors and not break them.
1 reply 1 retweet 2 likesShow this thread -
there was a situation at IETF in Berlin where it was discussed whether to do that or do the even worse thing, which is fallbacks
1 reply 1 retweet 2 likesShow this thread -
I stood up and said there's another option: Just don't. Break these things and tell vendors they need to fix their shit.
2 replies 2 retweets 9 likesShow this thread -
It was made *very* clear to me that this isn't an option. Nobody stood up to loudly speak in support of me.
1 reply 2 retweets 1 likeShow this thread -
I'm not blaming the people who try to workaround these issues. I understand their perspective and that they have pressure from other sides.
1 reply 1 retweet 2 likesShow this thread -
If you don't like that workarounds for shitty vendors speak up. Join the TLS wg. Talk to your friends at google, mozilla, MS, Apple.
2 replies 14 retweets 14 likesShow this thread -
Replying to @hanno
Unfortunately what happens is that wacky special interests (enterprise MITM companies) are the ones who speak up for commercial advantage.
1 reply 1 retweet 1 like
And ppl who just want TLS to do its job and keep everyone safe don't realize there are malicious parties trying to undermine it for profit.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.