Tricky tradeoffs are hard to avoid when designing systems, but the choice not to use LLMs for some tasks is clear

Systems Approach As we neared the finish line for our network security book, I received a piece of feedback from Brad Karp that my explanation of forward secrecy in the chapter on TLS (Transport Layer Security) was not quite right.

This is a perennial concern for me – that I will get something wrong in my explanations of security because I have not lived and breathed the field the way a true security expert would.

A lot of my writing is based on my reading of relevant RFCs, which are not always the easiest going for a non-expert, but can usually be considered authoritative. I spent enough time with the TLS RFCs to pick up the fact that there is a tradeoff between using “0-RTT” data (data sent along with the first TLS handshake message before the handshake completes) and forward secrecy. I went back to the RFC to check my ...