> > I think, key_share is ordered too. If considering both key_share and
> > supported_groups together, looks like there are two options
> [...]
>
> Yes, I addressed the conflict of priorities in one of my PRs, but it's on
> my todo list to rewrite it as ekr noted a few parts that needed changing.
> We agreed on simply making the two orders be required to be the same,
> though at "SHOULD"-level requirement. Those that have them differ will be
> dealt with at the implementations' discretion.

Requiring the two order the same would triage order checking. It may be easier that the key_share does not define the order.

> > For this case, key_share can be omitted to indicate to request server
> > choice shares.
>
> I dislike special cases; people screw them up. Life is easier if all
> (EC)DHE suites need a fixed set of accompanying extensions. Less
> complicated and simpler to describe clearly. (as pointed out, omitting it
> left us with garbled text, though that was also just due to us
> flip-flopping on how to handle it)

I meant that the proposal uses one of the options for the final version, not both. It may be more simple, I think.

Thanks,
Xuelei
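The order check discussed in this thread, as an added example that is not part of the original message or of any TLS implementation: it parses the two ClientHello extension bodies and reports where the key_share order disagrees with supported_groups. It assumes the extension encodings published in RFC 8446, which may differ from the draft under discussion; all function names are hypothetical and the sample bytes are constructed.

```python
import struct

def parse_supported_groups(body: bytes) -> list:
    """supported_groups body: u16 byte length, then u16 NamedGroup ids."""
    if len(body) < 2 or struct.unpack_from("!H", body)[0] != len(body) - 2 or len(body) % 2:
        raise ValueError("malformed supported_groups")
    return [g for (g,) in struct.iter_unpack("!H", body[2:])]

def parse_key_share_groups(body: bytes) -> list:
    """ClientHello key_share body: u16 byte length, then KeyShareEntry records
    (u16 group, u16 key length, key bytes). Returns groups in offer order."""
    if len(body) < 2 or struct.unpack_from("!H", body)[0] != len(body) - 2:
        raise ValueError("malformed key_share")
    groups, off = [], 2
    while off < len(body):
        if off + 4 > len(body):
            raise ValueError("truncated KeyShareEntry")
        group, klen = struct.unpack_from("!HH", body, off)
        off += 4 + klen
        if off > len(body):
            raise ValueError("truncated key_exchange")
        groups.append(group)
    return groups

def order_findings(supported: list, shares: list) -> list:
    """Empty result means the two extensions agree. An empty share list
    (client leaves the choice to the server) is always consistent."""
    findings = []
    if len(set(shares)) != len(shares):
        findings.append("duplicate group in key_share")
    if any(g not in supported for g in shares):
        findings.append("key_share group missing from supported_groups")
    # Compare the preference rank of each offered share against its neighbours.
    ranks = [supported.index(g) for g in shares if g in supported]
    if ranks != sorted(ranks):
        findings.append("key_share order differs from supported_groups order")
    return findings

# Constructed sample: x25519 (0x001d), secp256r1 (0x0017), secp384r1 (0x0018).
# Key bytes are zero-filled placeholders, not real public keys.
def _groups(ids):
    return struct.pack("!H", 2 * len(ids)) + b"".join(struct.pack("!H", g) for g in ids)

def _shares(entries):
    data = b"".join(struct.pack("!HH", g, n) + bytes(n) for g, n in entries)
    return struct.pack("!H", len(data)) + data

SUPPORTED = _groups([0x001D, 0x0017, 0x0018])
SAME_ORDER = _shares([(0x001D, 32), (0x0017, 65)])
SWAPPED = _shares([(0x0017, 65), (0x001D, 32)])
```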
