Thank you for the feedback.
I've addressed the first and last point in a proposed revision at
https://github.com/dstebila/draft-ietf-tls-hybrid-design/pull/46/files
As far as I understand, the middle point, on finite-field DH, is moot based on
the discussion between you and Ekr on the list.
If there are no concerns with these changes, then I'll merge them and post a
revised Internet-Draft.
Douglas
> On May 27, 2025, at 6:27 PM, Paul Wouters <[email protected]> wrote:
>
> Hi,
>
> I have some comments/questions regarding this document.
>
> Selecting which next-generation algorithms to use in TLS 1.3, or
> algorithm identifiers or encoding mechanisms for next-generation
> algorithms. This selection will be based on the recommendations
> by the Crypto Forum Research Group (CFRG), which is currently
> waiting for the results of the NIST Post-Quantum Cryptography
> Standardization Project [NIST].
>
> Can we remove the sentence "This selection will be based on ..." or if we want
> to leave the CFRG part in there, remove the part "which is currently......".
>
> I don't think this document should speculate on how selections will be made.
> The latter
> part additionally will age poorly (and seems already quite out of date right
> now). Just
> stating this document is not doing it is enough.
>
>
> Finite-field and elliptic-curve Diffie-Hellman key exchange
> methods used in TLS 1.3 satisfy this criteria.
>
> Can we note that Finite-field DH is however, being deprecated in
> draft-ietf-tls-deprecate-obsolete-kex. Or perhaps just not even mention
> finite-field groups anymore?
>
>
> Why is the document describing and registering(!) hybrids in Section 3.1 with
> Finite Field DHE?
>
> Please move the text in section 3.1 from "Specific values shall be registered
> by IANA in the TLS
> Supported Groups registry." to the end of the section to the actual IANA
> Considerations Section.
> Please also format things properly for the IANA entries, and specify that the
> RECOMMENDED
> column should be N, and the DTLS-OK column should be Y (presumably)
>
> Paul
_______________________________________________
TLS mailing list -- [email protected]
To unsubscribe send an email to [email protected]
