On Fri, Apr 7, 2023 at 2:19 PM Rob Sayre wrote:
> Hi,
>
> I think this concern is really reasonable.
>
> I would suggest publishing it on the independent stream, not AD
> sponsorship. It's not an end-run around any IETF activity, but it should be
> documented.
>
> thanks,
> Rob
>
And, just in
Hi,
I think this concern is really reasonable.
I would suggest publishing it on the independent stream, not AD
sponsorship. It's not an end-run around any IETF activity, but it should be
documented.
thanks,
Rob
On Fri, Apr 7, 2023 at 11:19 AM Andrei Popov wrote:
>
>- That seems way to
* That seems way to soft and does not say anything about reusing a key
share in an _ECDHE_ cipher suite for a long time making it static. But
RFC8446bis now has added SHOULD NOT reuse key share which is very welcome. My
preference would be MUST NOT reuse.
Agreed, and I also generally agree
On 3/27/23 8:28 AM, Yannick LaRue wrote:
Furthermore, our proposal to use ECDHE for securing connections
without a certificate provides the same level of assurance as the use
of low-assurance certificates, such as those issued by Let's Encrypt
or Cloudflare, which do not guarantee the
Thanks!
>“Implementations MUST NOT negotiate the cipher suites with NULL encryption.”
I will add a link to RFC 9325 in the next version of
draft-mattsson-tls-psk-ke-dont-dont-don’t
>“Implementations SHOULD NOT negotiate cipher suites based on non-ephemeral
>(static) finite-field