On Fri, 28 Aug 2015 19:17:39 +0000
"Dang, Quynh" <quynh.d...@nist.gov> wrote:

> DSA is supported in the previous versions of TLS. It would be nice if
> someone who uses DSA can use it in TLS 1.3 as well.

Do you have a plausible reason why you want to use DSA? Or is this
purely a theoretical consideration?
Because this discussion came up multiple times here and I can't
remember anyone having a real-world use case for DSA. From net-wide
scans it seems DSA certs are almost nonexistent.

> I don't see a convincing reason to remove support of DSA in TLS 1.3.

The reason is avoiding feature bloat. I think it makes a lot of sense
to question the support of features nobody uses. Therefore I'm very
interested to hear why anybody would want to use DSA. "Just because
someone could" isn't a good reason.
(Also DSA has a well-known weakness with bad random numbers.)

-- 
Hanno Böck
http://hboeck.de/

mail/jabber: ha...@hboeck.de
GPG: BBB51E42

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
