> I find this a very bizarre outcome that works against our collective goals.
> If there is no mechanism at all, then it is quite likely that organizations
> will use static-DH or stay on TLS1.2. Those are bad options, in my opinion,
> because there's no signaling or opt-in to the client. We can do much better
> than that.

If an organization needs to decrypt the network traffic, then it should probably continue to use a scheme that has a static key so that it can do that. At least for the next three years.

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls