Re: [dix] DRAFT: WAE BOF minutes

"Ben Laurie" <benl@google.com> Wed, 19 July 2006 13:58 UTC


On 7/19/06, Jeffrey Altman <jaltman@secure-endpoints.com> wrote:
> Ben Laurie wrote:
> > I'd note that most of the work of supporting these things has to be
> > done in OpenSSL, and unlike Apache, OpenSSL does not have a large
> > funded development community.
> >
> > Expecting volunteers to rush to implement every cute TLS feature is
> > asking a lot. The way to make this happen is to find money for OpenSSL
> > development.
>
> Ben:
>
> I am very well aware that compared to the applications that use OpenSSL,
> those working on OpenSSL find it next to impossible to obtain
> contributions to support their efforts.  Individuals and small
> businesses are not going to write a check for OpenSSL (or an OpenSSL
> contributor) to develop this code.   That's not how people think.
>
> Instead someone will write a check to Apache to implement support
> for said feature because they want it in their web server.  The Apache
> folks will respond with (a) once OpenSSL gives it to us we will have
> it so don't worry about it; and (b) it won't do you any good anyway
> because the browsers, webdav clients, etc. don't implement it.
>
> We are therefore left with a serious catch-22.  The only way that we
> can get functionality like this implemented is to first obtain agreement
> from the client and server vendors.  Only then might it become
> reasonable to expect end users to step up with funding.

Browsers seem to be implementing these features faster. I'm told SNI
is in most major browsers now, for example.

What would help, actually, is keeping a league table of features and
where they're implemented, and thus making it obvious which ones have
to be done to make a feature useful.

Cheers,

Ben.

>
> Jeffrey Altman
>
>
>
> _______________________________________________
> dix mailing list
> dix@ietf.org
> https://www1.ietf.org/mailman/listinfo/dix