Re: [TLS] draft-green-tls-static-dh-in-tls13-01

Jeffrey Walton <> Sat, 15 July 2017 06:10 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id B1A7512FB9A for <>; Fri, 14 Jul 2017 23:10:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 74iUmr0CE8QF for <>; Fri, 14 Jul 2017 23:10:34 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:4003:c06::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 1B48D12EC55 for <>; Fri, 14 Jul 2017 23:10:34 -0700 (PDT)
Received: by with SMTP id 191so86333888oii.2 for <>; Fri, 14 Jul 2017 23:10:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=mime-version:reply-to:in-reply-to:references:from:date:message-id :subject:to:cc; bh=si9tmk3ueFWaMan6FSN1ODpYl4U28o2zwQ8kz5c+q+U=; b=M4gsJ6IQnlpeikaCiOUg2e6Q29vkbYmnmFinv/vtRplgsQ19bwdDnCQH7z+vM9goj3 EOHDqS02IMOQfUHfF8Fn4yC5ILarFlqMbXhSZikclNDPVMIAN5L4fGF+fH3dYMh6avx8 EH56dG/5gAIe42N3p+cIoRUrzaNxtgVY1MVZ5N9ides35P6NqLxaLDuA/jcmdxWBCgCZ 6u1lC9aVPUTBQOP+Kp4Xm1PtoUbSIg6gOG5xFd/V/miEYHdXE7owEuEjwdEpoNbe+6Ze uSscb/Tpy07WW8jvXIARGXJ54KYxZdylhC0sXFgacbTun1N9KiutZA3aoOgo5hqIVNUP cqEg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:reply-to:in-reply-to:references :from:date:message-id:subject:to:cc; bh=si9tmk3ueFWaMan6FSN1ODpYl4U28o2zwQ8kz5c+q+U=; b=O7j7gZoBWfipl1P6JBSGqVQv8asiZw6/13V+H7wti1yRCqFSSZw3RYZ/iMEqDcZSQ4 juAKl8ishsKDO1UTGT44ob0D7mf3P88OQEN6C8XucLdFRT/rY6UO94fqEn2xGfXLFW1w uWcQ9Z5MMmwoK5GTasHveIFsEjO/pUFAX0P2oinrrJltq6PzX9KX69mEMkDYN3Pzew+n S2OoNDUmiapcodRUPZenTPsP8Lln281NJFjRXR7SfVj40wPI5GRPLBoJHsw2uGJhKWLy 29MlhpPOaChQofem5oIkaZy1c+7tjeN3KSu3ftpQgHtgbV5NrIewCJD5EHseShOQCDx/ m1lw==
X-Gm-Message-State: AIVw111x6JLoaNT8yzh/fqQ96lhnnL/LRB86B8WHCPA8sMmaYYVB+ZW/ SddkQWCL4VZrpePgD0VJ0JoS8WIbvA==
X-Received: by with SMTP id f129mr8436669oih.157.1500099033546; Fri, 14 Jul 2017 23:10:33 -0700 (PDT)
MIME-Version: 1.0
Received: by with HTTP; Fri, 14 Jul 2017 23:10:32 -0700 (PDT)
In-Reply-To: <>
References: <> <> <> <>
From: Jeffrey Walton <>
Date: Sat, 15 Jul 2017 02:10:32 -0400
Message-ID: <>
To: "Salz, Rich" <>
Cc: "" <>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <>
Subject: Re: [TLS] draft-green-tls-static-dh-in-tls13-01
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sat, 15 Jul 2017 06:10:39 -0000

On Sat, Jul 15, 2017 at 1:58 AM, Salz, Rich <> wrote:
> Unless I missed the reply, I did not see any answer to my question as to why
> it must be opt-in.  Do we think evildoers will tell the truth about what
> they are doing?

Opt-in is choice. Choice for a consumer is usually a good thing.
Sunlight is the best disinfectant.

The market can punish those who don't respect privacy concerns. I
can't speak for others, but I regularly avoid services that I find

Some evildoers won't tell the truth. Eventually some will be caught.
The market can punish those who get caught.

EU regulators may be able to exert legal pressure on dishonest
evildoers. I doubt the US will take any action. The oligarchy is
strong on this side of the pond.

I speculate EU entities that were honest about their practices will
sidestep some regulatory actions.