On Wed, Mar 18, 2026 at 04:38:42PM +0100, Muhammad Usama Sardar wrote:
> > I just
> > don't see tangible value in the proposed change, it feels to me like
> > security theatre.
>
> Are you denying all the reasons presented in the thread, e.g., mitigate
> correlation of different connections and side-channel attacks, additional
> complexity for code reuse, etc.?

What I'm denying (more precisely fairly sceptical about) is whether the
change has any practical value. I don't see it making any difference,
and if, hypothetically, in the future I would find a compelling case for
keyshare reuse, I'd go ahead and reuse, the new text notwithstanding.
The current SHOULD NOT text is quite sufficient to make it clear that
almost always single use is better, and the client needs good reason
to do otherwise; updating this to MUST does look like a feel good
exercise that does not in practice change anything.

--
Viktor. 🇺🇦 Слава Україні!
_______________________________________________
TLS mailing list -- [email protected]