* I think that we might rather keep a mechanism that preserves the
possibility of the client-side to express a preference regarding a specific
cipher suite / curve and accept other curves only using the HRR-mechanism.
The proposed change does not take away the client's ability to express
preferences (the list of supported groups is prioritized), nor does it take
away the client's ability to accept other groups via HRR.
"When sent by the client, the "supported_groups" extension indicates
the named groups which the client supports for key exchange, ordered
from most preferred to least preferred."
From: Björn Haase <bjoern.haase=40endress....@dmarc.ietf.org>
Sent: Wednesday, June 5, 2024 7:04 AM
To: Eric Rescorla <e...@rtfm.com>; Peter Gutmann <pgut...@cs.auckland.ac.nz>
Cc: tls@ietf.org
Subject: [EXTERNAL] [TLS]Re: Curve-popularity data?
You don't often get email from
bjoern.haase=40endress....@dmarc.ietf.org<mailto:bjoern.haase=40endress....@dmarc.ietf.org>.
Learn why this is important<https://aka.ms/LearnAboutSenderIdentification>
Hi Eric, Hi all,
>One more thing: we are finalizing RFC 8446-bis right now, so if there is
>WG consensus to require that clients offer all MTI curves in the key_shares
>of their initial CH, then that would be a straightforward text change.
I think that we might rather keep a mechanism that preserves the possibility of
the client-side to express a preference regarding a specific cipher suite /
curve and accept other curves only using the HRR-mechanism.
E.g. a client might also have legitimate reasons to nudge servers to use a
stronger curve than P-256 in the initial CH and only fall back to weaker curves
by explicit request via HRR. Probably the reason for Chrome for requesting HRR
for P-256 is the attempt to nudge servers to use an algorithm which is believed
to provide advantages for the client-side implementation (possibly both,
speed/power or security or bandwidth) in comparison to P-256.
Björn.
Mit freundlichen Grüßen | Best Regards
Dr. Björn Haase
________________________________
Senior Expert Electronics | TGREH Electronics Hardware
Endress+Hauser Liquid Analysis
Endress+Hauser Conducta GmbH+Co. KG | Dieselstrasse 24 | 70839 Gerlingen |
Germany
Phone: +49 7156 209 10377
bjoern.ha...@endress.com<mailto:bjoern.ha...@endress.com> |
www.ehla.endress.com<http://www.ehla.endress.com/>
________________________________
Endress+Hauser Conducta GmbH+Co.KG
Amtsgericht Stuttgart HRA 201908
Sitz der Gesellschaft: Gerlingen
Persönlich haftende Gesellschafterin:
Endress+Hauser Conducta
Verwaltungsgesellschaft mbH
Sitz der Gesellschaft: Gerlingen
Amtsgericht Stuttgart HRA 201929
Geschäftsführer: Dr. Manfred Jagiella
________________________________
Gemäss Datenschutzgrundverordnung sind wir verpflichtet, Sie zu informieren,
wenn wir personenbezogene Daten von Ihnen erheben.
Dieser Informationspflicht kommen wir mit folgendem
Datenschutzhinweis<https://www.de.endress.com/de/cookies-endress+hauser-website>
nach.
________________________________
Disclaimer:
The information transmitted is intended only for the person or entity to which
it is addressed and may contain confidential, proprietary, and/or privileged
material. Any review, retransmission, dissemination or other use of, or taking
of any action in reliance upon, this information by persons or entities
other than the intended recipient is prohibited. If you receive this in error,
please contact the sender and delete the material from any computer.
This e-mail does not constitute a contract offer, a contract amendment, or an
acceptance of a contract offer unless explicitly and conspicuously designated
or stated as such.
_______________________________________________
TLS mailing list -- tls@ietf.org
To unsubscribe send an email to tls-le...@ietf.org
