IETF members voted the protocol unanimously, even after members of the financial sector asked for the introduction of a backdoor in the protocol’s structure, so financial institutions could decrypt TLS 1.3 traffic inside internal networks.
The proposal was laughed off by experts, who pointed out that the backdoor would effectively make TLS 1.3 useless in the first place.
There is no way to safely insert a backdoor or “golden key” in encryption and maintain promised security on the storage and transmission of data. What’s incredible about this one, is that the financial institutions asking for the backdoor (to monitor their internal employees) would create a situation where their customers would be at risk. Which is more important?
March 27, 2018