I see absolutely nothing wrong with using FFDH(E) and ECDH, as long as at least one of the keys is ephemeral. There is no need to “warn away”, IMHO.
Regards,
Uri

> On Aug 17, 2021, at 15:19, Salz, Rich <rsalz=40akamai....@dmarc.ietf.org> wrote:
>
> I still support adoption, as I said a couple of weeks ago. I also still think we should consider merging this and draft-aviram-tls-deprecate-obsolete-kex-00.
>
> I know that I’ve also said this before (can’t find it in my “sent mail” folder), but the fact that some communities can still use this safely, or must use it (for a variety of reasons usually around the infeasibility of upgrading), doesn’t mean that the general populace should not be warned away from doing these kinds of things.
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls