First, let us apologize for taking so long to conclude this consensus call. We should have closed this much sooner.
After reviewing the responses on the mailing list, and taking into consideration discussions that took place during meetings, it is our assessment that there is rough consensus to deprecate FFDHE in TLS 1.2, i.e., all TLS_DHE_* ciphersuites. Authors, can you please update the document (and fix the clarification that Ekr recently raised) at your convenience? Best, Chris, Joe, Sean > On Dec 13, 2022, at 9:46 AM, Sean Turner <s...@sn3rd.com> wrote: > > During the tls@IETF 115 session topic covering > draft-ietd-tls-deprecate-obsolete-kex, the sense of the room was that there > was support to deprecate all FFDHE cipher suites including well-known groups. > This message starts the process to judge whether there is consensus to > deprecate all FFDHE cipher suites including those well-known groups. Please > indicate whether you do or do not support deprecation of FFDHE cipher suites > by 2359UTC on 6 January 2023. If do not support deprecation, please indicate > why. > > NOTE: We had an earlier consensus call on this topic when adopting > draft-ietd-tls-deprecate-obsolete-kex, but the results were inconclusive. If > necessary, we will start consensus calls on other issues in separate threads. > > Cheers, > Chris, Joe, and Sean > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
