On Tue, Oct 25, 2022 at 6:30 AM Rob Sayre wrote:
> I don't think anyone actually uses it,
>
1% of Cloudflare's TLS 1.3 handshakes today used an HRR.
I hope a de facto PQ kex will emerge — the old strategy of just sending
multiple keyshares is more expensive with large PQ public keys (~1kB). We
On 10/25/22 06:30, Rob Sayre wrote:
That's ok. I noticed that no one seems to test it very well. That's why
I raised the possibility of deletion.
I don't think anyone actually uses it, but Stephen's request for data is
probably the way to go.
Hi,
HRR is used as well to the cookie retur
On Mon, Oct 24, 2022 at 01:07:25PM -0700, Eric Rescorla wrote:
> Hi Folks,
>
> I have just published draft-ietf-tls-rfc8446bis-05, with
> the following changes:
Should there be "SHOULD NOT reuse key shares between client hellos"?
I didn't find such requirement (or maybe it is there but I just mis
On Tue, Oct 25, 2022 at 3:43 AM Bas Westerbaan wrote:
>
> 1% of Cloudflare's TLS 1.3 handshakes today used an HRR.
>
...
> For those reasons I think it's a bit early to consider retiring HRR.
>
OK, that's more than I expected, although I kind of wonder what
combinations are doing this.
But, d
In TLS <= 1.2, the client and server agree on the (EC)DHE group to use for key
exchange by negotiating it (at the cost of a round-trip).
In TLS 1.3, the client tries to guess what (EC)DHE group(s) the server might
support and sends key share(s) accordingly (saving a round-trip).
When a TLS 1.3 c
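As an added illustration of the guess-then-HelloRetryRequest mechanism described in the message above (example code written for this page, not from the thread or any TLS library), the model below lets the client send key shares for a guessed subset of its supported groups and has the server either accept, answer with an HRR naming the group it wants (one extra round trip), or abort; the group names and key-share sizes are constructed for illustration only.

```python
# Added example (not from the thread): a toy model of TLS 1.3 key_share
# negotiation and the HelloRetryRequest (HRR) fallback described above.
# Group names and key-share sizes below are assumed for illustration only.

# Illustrative public key-share sizes in bytes (assumed, not from the thread);
# "pq_kem_demo" stands in for a ~1 kB post-quantum public key.
KEY_SHARE_SIZE = {"x25519": 32, "secp256r1": 65, "pq_kem_demo": 1184}


def server_select(supported_groups, key_share_groups, server_groups):
    """Server side of the negotiation: pick the first server-preferred group
    the client supports. If the client already guessed it and sent a key
    share, accept; otherwise answer with an HRR naming that group."""
    for g in server_groups:
        if g in supported_groups:
            return ("accept", g) if g in key_share_groups else ("hrr", g)
    return ("abort", None)  # no common group: handshake fails


def negotiate(supported_groups, key_share_groups, server_groups):
    """Run the exchange end to end, counting round trips. At most one HRR is
    permitted, and the retried ClientHello must carry exactly the group the
    HRR asked for; anything else is treated as a protocol error."""
    action, group = server_select(supported_groups, key_share_groups, server_groups)
    round_trips = 1
    if action == "hrr":
        round_trips += 1
        # Client retries with a single, freshly generated key share for the
        # requested group (key shares are not reused across ClientHellos).
        retry_shares = [group]
        action, group2 = server_select(supported_groups, retry_shares, server_groups)
        if action != "accept" or group2 != group:
            return ("abort", None, round_trips)  # a second HRR is an error
    return (action, group, round_trips)


def key_share_bytes(key_share_groups):
    """Cost of guessing: bytes spent on key shares in a single ClientHello.
    Sending several large PQ shares up front avoids the HRR round trip only
    by paying for every guess in handshake size."""
    return sum(KEY_SHARE_SIZE[g] for g in key_share_groups)


if __name__ == "__main__":
    print(negotiate(["x25519", "secp256r1"], ["x25519"], ["secp256r1", "x25519"]))
    print(key_share_bytes(["x25519", "pq_kem_demo"]))
```

Running the module shows the HRR path costing two round trips when the client's guess misses the server's preference, and the byte cost of hedging with an additional PQ-sized share.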
On Tue, Oct 25, 2022 at 3:40 PM Andrei Popov wrote:
> (It's also not clear to me how we would get rid of HRR in a future TLS
> version, without removing algorithm options, adding round-trips, or relying
> on some out-of-band signals.)
>
It was pretty much the idea to do those things, although I
On Tue, Oct 25, 2022, at 16:48, Peter Gutmann wrote:
> But it's not the same thing, it only seems to cover some TLS 1.3 extensions.
> Thus my suggestion to call it "Extensions to the SSLKEYLOGFILE Format for TLS
> 1.3".
That's not the intent. Section 3.2 covers all you need for TLS 1.2.
I did no