Salz, Rich <rsalz=40akamai....@dmarc.ietf.org> writes:

>Do we need a short RFC saying “do not use static DH” ?

There are two things arguing against it:

Reason the first: Static-ephemeral DH was a dumb idea when it was proposed in X9.42 more than twenty years ago and hasn't gotten any better since then. If people haven't learned from twenty years of papers and attacks, then yet another publication telling them about it probably won't make any difference.

Reason the second: Telling people not to use static-ephemeral DH will mean telling them not to use 25519 key exchange, which will make their heads asplode.

Peter.

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls