Forgot your password?
Security Encryption

IETF To Change TLS Implementation In Applications 80

Posted by timothy
from the nice-orderly-scramble dept.
Trailrunner7 writes "The NSA surveillance scandal has created ripples all across the Internet, and the latest one is a new effort from the IETF to change the way that encryption is used in a variety of critical application protocols, including HTTP and SMTP. The new TLS application working group was formed to help developers and the people who deploy their applications incorporate the encryption protocol correctly. TLS is the successor to SSL and is used to encrypt information in a variety of applications, but is most often encountered by users in their Web browsers. Sites use it to secure their communications with users, and in the wake of the revelations about the ways that the NSA is eavesdropping on email and Web traffic its use has become much more important. The IETF is trying to help ensure that it's deployed properly, reducing the errors that could make surveillance and other attacks easier."
This discussion has been archived. No new comments can be posted.

IETF To Change TLS Implementation In Applications

Comments Filter:
  • by Anonymous Coward on Sunday December 15, 2013 @05:33AM (#45693789)

    The blame should not be put on using certificates but trusting an unknown certificate just because one of 500 or so certificate authorities signed it.

  • by raymorris (2726007) on Sunday December 15, 2013 @10:57AM (#45694877)

    This work is being done by IETF, the Internet Engineering Task Force, which is an open organization who does most of their work via their mailing list. Anyone can read the daily message archive or join. I was a member for several years and you too are welcome to lurk or join and be active.

    The only caveat is please remember this is how Jon Postel, DJB, and others of similar skill get work done. Anything you post goes to the email of many of the internet's primary architects, so please read for a while first to get a feel for how the group works, then contribute in your area of expertise. When posting, you're working with the world's top experts on internet technology, so please keep that in mind.

Their idea of an offer you can't refuse is an offer... and you'd better not refuse.