One can either use a static DH share, save the ephemerals on the servers and export them, or log all the data on the servers.
These options don't require any change to the wire protocol: they just require vendors supporting them. Why don't they meet the needs cited? Sincerely, Watson _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
