Re: [TLS] Certificate keyUsage enforcement question (new in RFC8446 Appendix E.8)

[Yoav Nir]

> On 9 Nov 2018, at 13:40, Viktor Dukhovni <ietf-d...@dukhovni.org> wrote:
> 
>> On Nov 9, 2018, at 1:19 AM, Peter Gutmann <pgut...@cs.auckland.ac.nz> wrote:
>> 
>>> Well, ECDH keys (not really ECDSA) can do key agreement, and EC keys can be
>>> used for encryption with ECIES.
>> 
>> Sure, in theory, but in practice I've never seen an (EC)DH cert used in TLS
>> (despite actively looking for one,
> 
> Nor have I, and I rather think that introducing fixed-(EC)DH ciphers into
> TLS was a mistake, and glad to see them gone in TLS 1.3.

FWIW RFC 8422 also deprecates them for TLS 1.2 and earlier.

Yoav
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls