Hey there TLSWG ✨ I have opened a PR to make explicit the supported mechanisms for generating ephemeral keys in hybrid TLS 1.3 key exchanges, especially where the component algorithms of the hybrid `NamedGroup` may also be supported as their own `NamedGroup`s in a `ClientHello`, and how to share (or not share) values in that message:
https://github.com/dstebila/draft-ietf-tls-hybrid-design/pull/31 There are at least two documents instantiating new hybrid `NamedGroup`s as laid out in this document and they are all a bit... loose in what is the correct or acceptable methods of generating this ephemeral key material, so I am suggesting explicit supported mechanisms to take the guess work out of it. Cheers, Deirdre
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
