On Fri, Nov 27, 2015 at 9:48 AM, Xuelei Fan <[email protected]> wrote:
> > > > I think, key_share is ordered too. If considering both key_share and >> > supported_groups together, looks like there are two options >> [...] >> >> Yes, I addressed the conflict of priorities in one of my PRs, but it's on >> my todo list to rewrite it as ekr noted a few parts that needed changing. >> We agreed on simply making the two orders be required to be the same, >> though at "SHOULD"-level requirement. Those that have them differ will be >> dealt with at the implementations' discretion. >> >> Requiring the two order the same would triage order checking. It may be > easier that the key_share does not define the order. > I may miss something. Can key_share offers two shares for the same group? For example, two DH public values (dh_Y) for the ffdhe2048? If yes, the key_share order is necessary. Otherwise, I think it is more simple to remove the order requirement of shares. Thanks, Xuelei
_______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
