Is there benefit in stating that the server SHOULD choose a safe group, even if
the client is unable to negotiate one?
Either way, I would support deprecating FFDHE completely.
> On Jul 30, 2021, at 12:46 PM, Viktor Dukhovni wrote:
>
> On Fri, Jul 30, 2021 at 07:30:31PM +, Scott Fluhrer (
On 7/30/21 5:31 PM, Sean Turner wrote:
>
>> On Jul 30, 2021, at 05:08, Hannes Tschofenig wrote:
>> 4. Is the update to RFC 7525 relevant given that there is an update of RFC
>> 7525 in progress (see
>> https://datatracker.ietf.org/doc/html/draft-ietf-uta-rfc7525bis-01) and even
>> near
Viktor Dukhovni writes:
>with confirmation from Peter Gutmann below that any custom groups we're
>likely to encounter are almost certainly safe
Well, I haven't examined every crypto library on the planet, it's not to say
there isn't something somewhere that implements its keygen as:
for i = 0 t
Given that I got a response to a different message on this topic, and that
Martin is making a similar point to that I made below, my guess is that
this message got lost in the shuffle.
On Sun, Jul 18, 2021 at 19:26 Michael StJohns wrote:
> On 7/16/2021 7:55 PM, Christopher Wood wrote:
> > This