Viktor Dukhovni <[email protected]> writes: >The only other alternative is to define brand new TLS 1.2 FFDHE cipher code >points that use negotiated groups from the group list. But it is far from >clear that this is worth doing given that we now have ECDHE, X25519 and X448.
There's still an awful lot of SCADA gear that does FFDHE, and that's never going to change from that. The current draft as it stands is fine, in fact it seems kinda redundant since all it's saying is "don't do things that you should never have been doing in the first place", but I assume someone needs to explicitly say that. No need to go beyond that. Peter. _______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
