> The main reason I think this warrants discussion is that dropping it would
> drop the maximum bits here, which whilst obviously not the only factor to
> take into account, will possibly not be desired by some. The main arguments
> for ditching is probably that it might not be safely implemente
> Is table 1 correct?
>
> +---+-++
> | Symmetric | ECC | DH/DSA/RSA |
> +---+-++
> | 80| 163 |1024|
> |112| 233 |2048
Do youmean key rotation or rekeying? I'd check Lukx Paterson
https://www.isg.rhul.ac.uk/~kp/TLS-AEbounds.pdf
Limits on Authenticated Encryption Use in TLS
All the best
Tanja
On Thu, Jun 24, 2021 at 05:31:58PM +, Salz, Rich wrote:
> I’m blanking on a term and web searches turn
Dear David, dear all,
> These printers use the RSA BSAFE library to implement TLS and this
> library implements the extended_random extension and assigns it number
> 40. This collides with the key_share extension and causes 1.3-capable
> handshakes to fail.
>
[..]
>
> (Lastly, we note that in the
Looks like this didn't make it out to the list. Forwarding
from my email address a message by Jon Solworth.
- Forwarded message from "Jon A. Solworth" -
Date: Fri, 8 Apr 2016 17:33:57 -0500
From: "Jon A. Solworth"
To: tls@ietf.org, Tanja Lange , "D. J. Be
