* I don’t think I get it. There’s a ton of submissions at NIST PQC, most came with some formal proofs. I can’t believe none of them is good enough. Anything from that pool should be better than nothing…?
We want to wait until NIST decides and not jump the gun. * Also, if you do have a running KDC, why would you want/need TLS 1.3 ECDHE in addition to it? I believe this is KDC as a generic term, not Kerberos. Many enterprises have a way to distribute keys to entities.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls