> On 6 Aug 2021, at 3:31 pm, Benjamin Kaduk
> <[email protected]> wrote:
>
>> That said, I've given up fighting potentially counter-productive "raising
>> the floor"
>> rather than "the celing" on all fronts, and now try to focus on just the
>> most important
>> cases. Thus have accepted the fact that sadly no anon (EC)DH ciphers are
>> available with
>> TLS 1.3.
>
> Well, yes, because TLS 1.3 ciphers only indicate the hash function and AEAD.
Yes, correct on a technicality: for anon_DH I'd need a null signature scheme,
but the intended point was that TLS without server certificates is presently
not supported in TLS 1.3. I have not chose to campain to bring it back at
this time...
--
Viktor.
_______________________________________________
TLS mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tls
