On Friday, August 28, 2015 04:21:53 pm Hanno Böck wrote:
> On Fri, 28 Aug 2015 19:17:39 +0000
> "Dang, Quynh" <quynh.d...@nist.gov> wrote:
> > I don't see a convincing reason to remove support of DSA in TLS 1.3.
>
> The reason is avoiding feature bloat. I think it makes a lot of sense
> to question the support of features nobody uses.

At minimum, it's almost certainly getting cut from the TLS 1.3 specification document. It's obsolete, even by DSS standards, and either needs significant updating (e.g. use SHA-2) or dropping. The question will likely be whether it should be considered no longer acceptable or something which is permitted, just rarely supported and described in another document. I'd rather just declare it obsolete and no longer permitted to avoid the attack surface and complexity, and I get an impression that this is a common opinion in the WG.

Dave

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls