Watson Ladd <[email protected]> writes:
>Clients don't validate DH parameters, and there is no list to check against,
>which needs to be fixed before we can recommend them.
Given that the standard ECC alternative to DH that everyone uses is NSA-
provided curves [0], I don't think that's much more sensible... the problem
with DH values could be easily solved by using FIPS 186-format parameters
rather than PKCS #3 ones. Or everyone just uses the IKE DH values (which is
what I do in my code).
Peter.
[0] I know about things like the Brainpool curves, but how many times have you
seen those used rather than, say, P256?
_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
