Hi Ilari, On 14/06/2016 20:01, "TLS on behalf of Ilari Liusvaara" <tls-boun...@ietf.org on behalf of ilariliusva...@welho.com> wrote:
>I too haven't seen an argument (or am I able to construct one >myself) on why using the same key causes more issues than >"more difficult for cryptographers" (without assumptions known >to be false or cause severe problems no matter what). > > >Such arguments could include e.g. crypto screw (no proof of >exploitability needed), implementability, narrowing works-vs- >correct gap, etc... > > >About every other issue I could come up with, it seems to be just >as bad with separate keys and public content types (except those >ones that are just worse with public content types of course). > Since no-one else replied: it's a detailed technical issue about constructing proofs of security. At a very high level, and at the risk of over-simplifying, the more "key separation" you have, the easier it is to get them to go through. Maybe someone else who is more into the details than me can chime in with the next-level explanation. Cheers Kenny > > >-Ilari > >_______________________________________________ >TLS mailing list >TLS@ietf.org >https://www.ietf.org/mailman/listinfo/tls _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
