On Mon, 15 Apr 2024 at 22:14, Joseph Salowey <j...@salowey.net> wrote:
>
> At IETF 119 we had discussion that static DH certificates lead to static key
> exchange which is undesirable. Although the current draft deprecates static
> DH ciphersuites, it seems that RFC 5246 allows the client to provide a
> certificate with a static DH keypair to provide static parameters in (EC)DHE
> in TLS 1.2 (I don't know of any implementations that do this).
>
> Should the draft deprecate these ClientCertificateTypes and mark the entries
> (rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, ecdsa_fixed_ecdh) as 'D'
> discouraged?
>
> Please respond with any comments on this proposal by April 30, 2024.
>
Yes.

> Thanks,
>
> Sean, Deirdre and Joe
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls