Let me clarify that the document also has RSA as a MUST NOT. So there will be no reason to read this document and switch from FFDHE to RSA.
On Wed, 14 Dec 2022 at 06:09, Peter Gutmann <pgut...@cs.auckland.ac.nz> wrote: > Blumenthal, Uri - 0553 - MITLL <u...@ll.mit.edu> writes: > > >I do not support deprecation, because there will be deployed devices (IoT, > >SCADA) that aren’t upgradable – and the new stuff will have to access > them. > > It's actually much worse than just SCADA, there are deployments in things > like > wholesale banking where the semi-deprecation of DH suites has led to them > falling back to RSA instead. This pointless removal of FFDHE, while it'll > be > written as MUST NOT FFDHE, will actually be MUST RSA in some environments. > > In other words not only will it not make things any more secure, it'll make > some things much, much less secure. > > Peter. > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
