On 19.03.26 01:41, Viktor Dukhovni wrote:
On Wed, Mar 18, 2026 at 04:38:42PM +0100, Muhammad Usama Sardar wrote:
I just don't see tangible value in the proposed change, it feels to me like security theatre.
Are you denying all the reasons presented in the thread, e.g., mitigate correlation of different connections and side-channel attacks, additional complexity for code reuse, etc.?
What I'm denying (more precisely fairly sceptical about) is whether the change has any practical value. I don't see it making any difference,
Not making a difference for OpenSSL != not making a difference for others. I thought OpenSSL is not /the only/ thing folks in WG care about. Maybe I am wrong?
and if, hypothetically, in the future I would find a compelling case for keyshare reuse, I'd go ahead and reuse, the new text notwithstanding.
I'd like to know such a compelling case.
The current SHOULD NOT text is quite sufficient to make it clear that almost always single use is better, and the client needs good reason to do otherwise, updating this to MUST does look like a feel good exercise that does not in practice change anything.
Ditto the statements above for OpenSSL.
Best regards,
-Usama
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
