Re: [TLS] Adoption call for Deprecating Obsolete Key Exchange Methods in TLS

2021-07-29 Thread Peter Gutmann
Viktor Dukhovni writes: >The only other alternative is to define brand new TLS 1.2 FFDHE cipher code >points that use negotiated groups from the group list. But it is far from >clear that this is worth doing given that we now have ECDHE, X25519 and X448. There's still an awful lot of SCADA

Re: [TLS] Adoption call for Deprecating Obsolete Key Exchange Methods in TLS

2021-07-29 Thread Viktor Dukhovni
On Fri, Jul 30, 2021 at 10:34:55AM +1000, Martin Thomson wrote: > On Fri, Jul 30, 2021, at 07:50, Joseph Salowey wrote: > > This is a working group call for adoption of Deprecating Obsolete Key > > Exchange Methods in TLS (draft-aviram-tls-deprecate-obsolete-kex-00 > >

Re: [TLS] Adoption call for Deprecating FFDH(E) Ciphersuites in TLS

2021-07-29 Thread Martin Thomson
I support the *contents* of this document. The title, however, I can't agree to. So I want to be clear about the scope of the work, namely deprecating semi-static FFDH and ECDH suites and any use of FFDHE ephemeral suites with reused keys. The draft limits the ban on ephemeral key reuse to

Re: [TLS] Adoption call for Deprecating Obsolete Key Exchange Methods in TLS

2021-07-29 Thread Martin Thomson
On Fri, Jul 30, 2021, at 07:50, Joseph Salowey wrote: > This is a working group call for adoption of Deprecating Obsolete Key > Exchange Methods in TLS (draft-aviram-tls-deprecate-obsolete-kex-00 > ). > There was

Re: [TLS] Adoption call for "Secure Negotiation of Incompatible Protocols in TLS"

2021-07-29 Thread Martin Thomson
On Fri, Jul 30, 2021, at 04:20, Christopher Wood wrote: > Based on positive feedback during this week's meeting, we'd like to > start an adoption call for "Secure Negotiation of Incompatible > Protocols in TLS." The document may be found here: > >

Re: [TLS] Adoption call for Deprecating FFDH(E) Ciphersuites in TLS

2021-07-29 Thread Salz, Rich
* This is a working group call for adoption for Deprecating FFDH(E) Ciphersuites in TLS

Re: [TLS] Adoption call for Deprecating Obsolete Key Exchange Methods in TLS

2021-07-29 Thread Salz, Rich
>This is a working group call for adoption of Deprecating Obsolete Key Exchange >Methods in TLS

[TLS] Adoption call for Deprecating FFDH(E) Ciphersuites in TLS

2021-07-29 Thread Joseph Salowey
This is a working group call for adoption for Deprecating FFDH(E) Ciphersuites in TLS (draft-bartle-tls-deprecate-ffdhe-00). We had a presentation for this draft at the IETF 110 meeting and since it is a similar topic to the key

[TLS] Adoption call for Deprecating Obsolete Key Exchange Methods in TLS

2021-07-29 Thread Joseph Salowey
This is a working group call for adoption of Deprecating Obsolete Key Exchange Methods in TLS (draft-aviram-tls-deprecate-obsolete-kex-00). There was support for adopting this draft at the IETF 111 meeting. Please review

Re: [TLS] Adoption call for "Secure Negotiation of Incompatible Protocols in TLS"

2021-07-29 Thread Salz, Rich
> Based on positive feedback during this week's meeting, we'd like to start > an adoption call for "Secure Negotiation of Incompatible Protocols in TLS." > The document may be found here: I support this. I will read and review, and perhaps make a PR that eventually adds this to OpenSSL.

Re: [TLS] Adoption call for "Secure Negotiation of Incompatible Protocols in TLS"

2021-07-29 Thread Eric Rescorla
I support adoption On Thu, Jul 29, 2021 at 12:00 PM Benjamin Beurdouche <benjamin.beurdou...@inria.fr> wrote: > I support adoption. > B. > > > On Jul 29, 2021, at 10:22 PM, Christopher Wood > wrote: > > > > Based on positive feedback during this week's meeting, we'd like to > start an

Re: [TLS] Adoption call for "Secure Negotiation of Incompatible Protocols in TLS"

2021-07-29 Thread Benjamin Beurdouche
I support adoption. B. > On Jul 29, 2021, at 10:22 PM, Christopher Wood wrote: > > Based on positive feedback during this week's meeting, we'd like to start an > adoption call for "Secure Negotiation of Incompatible Protocols in TLS." The > document may be found here: > >

[TLS] Adoption call for "Secure Negotiation of Incompatible Protocols in TLS"

2021-07-29 Thread Christopher Wood
Based on positive feedback during this week's meeting, we'd like to start an adoption call for "Secure Negotiation of Incompatible Protocols in TLS." The document may be found here: https://datatracker.ietf.org/doc/draft-thomson-tls-snip/ And the source may be found here: