On Dec 22, 2017, at 1:12 PM, John Mattsson <[email protected]> wrote: > In TLS 1.3, ECC is mandatory to support. This drastically reduces the sizes > of certificates and signatures (public key sizes from 384 bytes (RSA and DHE) > to 32 bytes (ECDHE) and signatures from 384 bytes (RSA) to 64 bytes (ECDSA > and EdDSA) ).
This doesn't help people with established certificates, business practices, etc. > Anything for older version of TLS would have to be pure recommendations or > guidance to preserve backward compatibility. I think we should update the > charter to cover guidance on how to handle large certificates and long > certificate chains in EAP-TLS with all versions of TLS. This could be handled > in the same bullet as “guidance or update to enable the use of TLS 1.3”. That would definitely be useful. Alan DeKok. _______________________________________________ Emu mailing list [email protected] https://www.ietf.org/mailman/listinfo/emu
