Lester White <les.wh...@engineer.com> writes: > Title : Preferred Pronouns Extension for TLS
I think the Security Considerations section needs to mention two security considerations, firstly the preferred identity is an unauthenticated parameter and can't safely be used until the Finished message definitely determines its validity so it shouldn't be used until after the other side's Finished message is received, and secondly that the odd-numbered (presumably "prime" is meant) number of experts needs to be at least 1024 bits worth, and a strong prime, i.e. p-1 and p+1 should have large prime factors. The suggested value of 11 doesn't meet these criteria, so should be changed for a value that does. Peter. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
