> On Jun 19, 2018, at 11:17 AM, Ben Personick <ben.person...@iongroup.com>
> wrote:
>
> Yes, I meant ECDHE_ECDSA and ECDHE_RSA are both supported in TLS 1.3, I’d
> been lead to believe that all RSA based ciphers were not supported.
>
> Having seem some further responses, it appears it is only the NON ECDHE RSA
> Based ciphers which are having support dropped in TLS 1.3
I may have been too cryptic. When I wrote (EC)DHE I meant both DHE and ECDHE.
However, some (early) implementations may only support ECDHE with TLS 1.3.
IIRC, OpenSSL 1.1.1 does not yet support the TLS 1.3 DHE groups. So
interoperability if you only support DHE may be problematic.
--
Viktor.
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
