On Thu, Nov 27, 2025 at 8:02 AM John Mattsson <[email protected]> wrote:
> Eric Rescorla wrote: > > What's *not* compliant is if you have an implementation which doesn't > > support P-256, no matter what other groups it supports. > > As I wrote in my response to Bernstein, RFC 8446 mandates ECC only when no > application profile specifies otherwise. An application profile that > removes ECC is compliant with RFC 8446. > Yes, I agree with this. -Ekr
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
