(again not quoting the original due to the presence of a no-derived-works disclaimer)
Yes, I was indeed asking for the key-exchange timings, since those are a fairly well-defined and somewhat transferable metric. However, once you have the value of the metric, you need to determine whether the difference in the metric is acceptable or not acceptable, and for that assessment the use-case and surrounding context are indespensible. The numbers here suggest that only in a limited set of use-cases will the additional cost of hybrid have a chance of outweighing the risk to the security properties of the system. Which presumably does not surprise either of us, but in particular the numbers here are *not* conclusive for all possible use cases and deployment contexts. I don't think we can reasonably publish the document without including some discussion of when the suitable use-cases and deployment contexts might occur, though. -Ben _______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
