On Wed, Sep 16, 2015 at 06:40:47PM -0700, Bill Frantz wrote:
> I agree with both Nico and Viktor. For me the big win of RPK over
> anon_(EC)DH is it allows TOFU. If TOFU isn't needed, short public
> keys should ease many of Viktor's cons. I also like the idea of
> simpler implementations.
Eh,
On Wed, Sep 16, 2015 at 10:40:28AM -0700, Martin Thomson wrote:
> On 15 September 2015 at 18:00, Joseph Salowey wrote:
> > remove anonymous DH
>
> +1
>
> It's not like we're making the use case impossible, just that the
> solution will look different.
And will be more costly.
On Wed, Sep 16, 2015 at 01:20:37PM -0700, Brian Smith wrote:
> I think it is a good idea to remove DH_anon_* and similar ECDH_anon_*
> cipher suites.
>
> This isn't an endorsement of the raw public key modes.
Sure, one can always use self-signed certs (at an even higher cost to do
anonymity).
In addition, they are already part of TLS, so the question would be if we
have
consensus to remove them
-Ekr
On Wed, Sep 16, 2015 at 2:01 PM, Nico Williams
wrote:
> On Wed, Sep 16, 2015 at 01:20:37PM -0700, Brian Smith wrote:
> > I think it is a good idea to remove
On Wed, Sep 16, 2015 at 07:07:31PM -0400, Dave Garrett wrote:
> This appears to just be a miscommunication.
It is not.
> The current poll is to remove anon ciphers in favor of raw public
> keys. We're not considering removing raw public keys, as far as I
> know, and I think most of us would be
On 9/16/15 at 4:23 PM, n...@cryptonector.com (Nico Williams) wrote:
Whichever one is removed, I shall oppose the removal of the other.
On 9/17/15 at 5:21 PM, ietf-d...@dukhovni.org (Viktor Dukhovni) wrote:
The costs are likely noticeable for 4096-bit RSA keys. In the end
though, if
On Wed, Sep 16, 2015 at 02:25:52PM -0700, Brian Smith wrote:
> On Wed, Sep 16, 2015 at 2:05 PM, Eric Rescorla wrote:
>
> > In addition, they are already part of TLS, so the question would be if we
> > have
> > consensus to remove them
> >
>
> This thread is about the removal
Remove it.
--
Senior Architect, Akamai Technologies
IM: richs...@jabber.at Twitter: RichSalz
___
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls