At the risk of stating the obvious, it’s because server owners want to use the same OpenSSL, NSS, SChannel, or whatever you call the Java library that everybody else uses. They’re all widely used, actively maintained, and essentially free.
None of these libraries support any of this functionality.

> On 15 Mar 2018, at 2:16, Watson Ladd <watsonbl...@gmail.com> wrote:
>
> One can either use a static DH share, save the ephemerals on the
> servers and export them, or log all the data on the servers.
>
> These options don't require any change to the wire protocol: they just
> require vendors supporting them. Why don't they meet the needs cited?
>
> Sincerely,
> Watson
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls