Jack Grigg writes:
> As the paper states at the top of page 4, X-Wing includes the recipient's
> X25519 public key "as a measure of security against multi-target attacks,
> similarly to what is done in the ML-KEM design".
Thanks for the data. Assuming arguendo that this matters (as in my first
mes
>
> The arguments for multiple KEMs are
> stronger than the arguments for multiple combiners.
>
X-Wing is a KEM — not a combiner. I agree there should preferably be one
go-to generic combiner. Insisting that X-Wing use that generic combiner is
not dissimilar to insisting that every KEM that uses
Bas Westerbaan writes:
> X-Wing is a KEM - not a combiner.
Sure, but there's a combiner present inside it---and even advertised:
see "X-Wing uses the combiner" etc. at the beginning of this thread.
If people are motivated by things like http://tinyurl.com/5cu2j5hf to
use the same combiner with a
On Tue, Jan 16, 2024 at 8:24 AM D. J. Bernstein wrote:
> Bas Westerbaan writes:
> > X-Wing is a KEM - not a combiner.
>
> Sure, but there's a combiner present inside it---and even advertised:
> see "X-Wing uses the combiner" etc. at the beginning of this thread.
>
> If people are motivated by thi
The following errata report has been held for document update
for RFC8446, "The Transport Layer Security (TLS) Protocol Version 1.3".
--
You may review the report below and at:
https://www.rfc-editor.org/errata/eid6205
--
S
The following errata report has been held for document update
for RFC8996, "Deprecating TLS 1.0 and TLS 1.1".
--
You may review the report below and at:
https://www.rfc-editor.org/errata/eid7769
--
Status: Held for Document
The following errata report has been verified for RFC8996,
"Deprecating TLS 1.0 and TLS 1.1".
--
You may review the report below and at:
https://www.rfc-editor.org/errata/eid7103
--
Status: Verified
Type: Editorial
Reported
I believe that the current 8446-bis text addresses this. Martin?
On Tue, Jan 16, 2024 at 4:59 PM RFC Errata System
wrote:
> The following errata report has been held for document update
> for RFC8446, "The Transport Layer Security (TLS) Protocol Version 1.3".
>
>
The following errata report has been held for document update
for RFC8422, "Elliptic Curve Cryptography (ECC) Cipher Suites for Transport
Layer Security (TLS) Versions 1.2 and Earlier".
--
You may review the report below and at:
https://www.rfc-editor.org/err
The following errata report has been held for document update
for RFC8446, "The Transport Layer Security (TLS) Protocol Version 1.3".
--
You may review the report below and at:
https://www.rfc-editor.org/errata/eid5682
--
S
The following errata report has been held for document update
for RFC7919, "Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for
Transport Layer Security (TLS)".
--
You may review the report below and at:
https://www.rfc-editor.org/errata/eid4908
Yeah, we talked about this one and came to a reasonable conclusion that was
based on what I wrote at the time, but better because RFC 8773 exists.
The added text:
> In the absence of some other specification to the contrary, servers which are
> authenticating with an external PSK MUST NOT send
12 matches