Re: [TLS] Adoption call for Deprecating FFDH(E) Ciphersuites in TLS

2021-08-13 Thread Rene Struik
Dear colleagues: I think this document should absolutely *not* be adopted, without providing far more technical justification. The quoted Raccoon attack is an easy-to-mitigate attack (which has nothing to do with finite field groups, just with poor design choices of postprocessing, where one u

Re: [TLS] Adoption call for Deprecating FFDH(E) Ciphersuites in TLS

2021-08-13 Thread Blumenthal, Uri - 0553 - MITLL
I agree with Rene’s points. -- Regards, Uri From: TLS on behalf of Rene Struik Date: Friday, August 13, 2021 at 09:58 Dear colleagues: I think this document should absolutely *not* be adopted, without providing far more technical justification. The quoted Raccoon attack is an

Re: [TLS] WGLC for draft-ietf-tls-cross-sni-resumption

2021-08-13 Thread Eric Rescorla
This document seems generally fine. I agree with MT that the security considerations could be beefed up. On Wed, Aug 11, 2021 at 3:53 PM Carrick Bartle wrote: > Okay, in that case, I wouldn't use the word "re-validated," since to me > that sounds like the certificate is to be completely validate

Re: [TLS] WGLC for draft-ietf-tls-cross-sni-resumption

2021-08-13 Thread Carrick Bartle
I've submitted a PR that addresses this issue: https://github.com/vasilvv/tls-cross-sni-resumption/pull/3 In general though, I support publication of this draft. > On Aug 11, 2021, at 3:50 PM, Carrick Bartle > wrote: > > Okay, in