1. Perhaps the kind folks at Qualys ssllabs.com have some recent stats for us,
given that they track DH reuse under "Protocol Details" when you run their
https://www.ssllabs.com/ssltest/analyze.html tool.

2. The DoS (prevention) engineers should also weigh in on this. Would servers
not start reusing TLS 1.3 keyshare values when under DoS attack?

--Roelof

---- On Wed, 05 Dec 2018 14:34:44 -0500 Viktor Dukhovni <ietf-d...@dukhovni.org> wrote ----

> On Dec 5, 2018, at 2:19 PM, R duToit <r@nerd.ninja> wrote:
>
> Quote: "As we will discuss later, we empirically find that at least 7.2% of
> HTTPS domains in the Alexa Top Million reuse DHE values and 15.5% reuse
> ECDHE values."

That survey is now dated. Library defaults matter, and it used to be the case
in OpenSSL that it was all too easy to re-use (EC)DHE keys. This is no longer
the case, and if that survey were repeated today, servers not running
unpatched EOL code would not re-use (EC)DHE keys.

I rather expect the amount of re-use is much lower now, and will be
essentially zero in the next couple of years (as most of the remaining
outdated software is replaced). Some Internet metrics can change in just a
few years.

--
    Viktor.

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls