> On Dec 5, 2018, at 2:19 PM, R duToit <r@nerd.ninja> wrote:
>
> Quote: "As we will discuss later, we empirically find that at least 7.2% of
> HTTPS domains in the Alexa Top Million reuse DHE values and 15.5% reuse ECDHE
> values."
That survey is now dated. Library defaults matter, and it used to be
the case in OpenSSL that it was all to easy to re-use (EC)DHE keys.
This is no longer the case, and if that survey were repeated today,
servers not running unpatched EOL code would not re-use (EC)DHE keys.
I rather expect the amount of re-use is much lower now, and will be
essentially zero in the next couple of years (as most of the remaining
outdated software is replaced).
Some Internet metrics can change in just a few years.
--
Viktor.
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
