Hi all,
I thank everyone who took time to think about the issue. The tone of my message below asked for a discussion of "allowed"/optional support for DSA with key size of 2K or bigger. So there would not be a required support for it. There is a number of validated DSA implementations out there with key size of 2K (http://csrc.nist.gov/groups/STM/cavp/documents/dss/dsanewval.htm) ( of course I don't know the number of the implementations without validations). DSA with 2K or bigger key sizes were added to FIPS 186 in June 2009 (FIPS 186-3). TLSs are used in more places than just public servers and common browsers. For the people who use DSA in TLSs, it would be nice if they could run TLS 1.3 with DSA if they choose to do so. Quynh. ________________________________ From: TLS <tls-boun...@ietf.org> on behalf of Dang, Quynh <quynh.d...@nist.gov> Sent: Friday, August 28, 2015 3:17 PM To: e...@rtfm.com; tls@ietf.org Subject: [TLS] DSA support in TLS 1.3. Hi all, DSA is supported in the previous versions of TLS. It would be nice if someone who uses DSA can use it in TLS 1.3 as well. People who don't use DSA, then they don't use DSA. People who use DSA right, it should be fine for them to use DSA. I don't see a convincing reason to remove support of DSA in TLS 1.3. Quynh.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
