Am 10.09.20 um 11:23 schrieb Peter Gutmann:
Reason the second: Telling people not to use static-ephemeral DH will mean telling them not to use 25519 key exchange, which will make their heads asplode. Peter.
So, risking damaged heads: Does using x25519 for ECDHE is significant less secure than using it with e.g. secp384r1? Or do I mix-up things and "DH with 25519 keys" is something different? best regards Achim Kraus _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
