At IETF 119 we had a discussion that static DH certificates lead to static key exchange, which is undesirable. Although the current draft deprecates static DH ciphersuites, it seems that RFC 5246 allows the client to provide a certificate with a static DH keypair to provide static parameters in (EC)DHE in TLS 1.2 (I don't know of any implementations that do this).
Yes.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls