> What I'm against is blanket forbidding of FFDHE in TLSv1.2.
The subject says "deprecate". That seems to have caused much of the discussion. Would a BCP be a better approach? That might provide a good setting to discuss the issues. There is no reason to limit a BCP to TLSv1.2 or FFDHE. Is there a Moore's Law of crypto? What's the time scale? How often should a BCP be updated?

-- 
These are my opinions. I hate spam.
