[TLS] Static DH timing attack

2020-09-09 Thread Salz, Rich
https://raccoon-attack.com/ Do we need a short RFC saying “do not use static DH” ? I am probably not the only one thinking fondly of draft-green-tls-static-dh-in-tls13 now. ___ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls

Re: [TLS] Static DH timing attack

2020-09-09 Thread Dmitry Belyavsky
I also want to remind about so-called "Enterprise TLS" — if I remember correctly, they introduced this bug to their modified TLS 1.3 specification... Wed, 9 Sep 2020, 18:04 Salz, Rich : > https://raccoon-attack.com/ > > > > Do we need a short RFC saying “do not use static DH” ? > > > > I am p

Re: [TLS] Static DH timing attack

2020-09-09 Thread Karthik Bhargavan
Hi Rich, I think static DH, or reusing ephemerals, has always been a weak point of TLS implementations: e.g. if you don’t validate the peer’s public value, you may leak your (reusable) private value. In principle, if implemented correctly, static DH can be ok if you don’t care about forward sec

[TLS] TLS ECH Interim 01 Minutes

2020-09-09 Thread Joseph Salowey
The Minutes and Materials for TLS ECH Interim 01 can be found at the following link https://datatracker.ietf.org/meeting/interim-2020-tls-02/session/tls A link to the meeting recording is in the minutes.

Re: [TLS] TLS ECH Interim 2

2020-09-09 Thread Joseph Salowey
The second TLS ECH Interim is scheduled for Monday, Sep 21 2020, 15:00 UTC (8:00 PDT). More details will follow. Cheers, Joe and Sean On Fri, Sep 4, 2020 at 5:45 PM Joseph Salowey wrote: > We had a good meeting on Thursday. Minutes will be posted soon. Since we > did not make it through all