Viktor Dukhovni <ietf-d...@dukhovni.org> writes: >Well, ECDH keys (not really ECDSA) can do key agreement, and EC keys can be >used for encryption with ECIES.
Sure, in theory, but in practice I've never seen an (EC)DH cert used in TLS (despite actively looking for one, since it'd be a collectors item for the cert collection [0]), and I doubt most implementations could even deal with one if they saw one. Also, I don't think any TLS implementation, or specification, does ECIES. So it's pretty much self-regulating... Peter. [0] I know some test certs were generated about 20 years ago to demonstrate X9.42 use in S/MIME, but that's all I'm aware of. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls