On Tue, Sep 29, 2020 at 12:49 PM Blumenthal, Uri - 0553 - MITLL <u...@ll.mit.edu> wrote: > > I share Achim's concerns. > > But I believe the explanations will turn out mostly useless in the real > world, as the "lawyers" of the industry are guaranteed to steer away from > something "not recommended". > > In one word: bad.
Why is PSK so necessary? There are very few devices that can't handle the occasional ECC operation. The key management and forward secrecy issues with TLS-PSK are real. Steering applications that can afford the CPU away from PSK and toward hybrid modes is a good thing and why this registry exists imho. -- Astra mortemque praestare gradatim _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
