* I think we are closer to going in the other direction and allow TLS1.3 spec-compliant implementations aiming at post-quantum support to drop support for P-256 entirely. I don’t know whether there are any IETF rules about this, but changing MTI algorithms does not sound appropriate in a -bis document.
Cheers, Andrei From: Bas Westerbaan <bas=40cloudflare....@dmarc.ietf.org> Sent: Wednesday, June 5, 2024 7:22 AM To: Dennis Jackson <ietf=40dennis-jackson...@dmarc.ietf.org> Cc: tls@ietf.org Subject: [EXTERNAL] [TLS]Re: Curve-popularity data? One more thing: we are finalizing RFC 8446-bis right now, so if there is WG consensus to require that clients offer all MTI curves in the key_shares of their initial CH, then that would be a straightforward text change. I think we are closer to going in the other direction and allow TLS1.3 spec-compliant implementations aiming at post-quantum support to drop support for P-256 entirely. Agreed.
_______________________________________________ TLS mailing list -- tls@ietf.org To unsubscribe send an email to tls-le...@ietf.org
