
RE: [TLS] TLS 1.1 and static DH



Peter Gutmann wrote:

> So perhaps the best option for TLS is to deprecate the static DH
> suites.  They seem to be pretty much entirely unsupported, and even
> if you did want to support them you'd end up in a quagmire from
> which extrication would prove difficult.

This question may become important if we want to progress TLS 1.2 to
Draft Standard, where we need two interoperable implementations for
every feature.

Based on the discussion so far, it looks like static DH suites might
be one feature where meeting that bar could be difficult.

Any opinions from the WG about this? Should we e.g. remove static 
DH suites from TLS 1.2, move them to a separate document, or
something else?

Best regards,
Pasi

_______________________________________________
TLS mailing list
TLS@xxxxxxxxxxxxxx
https://www1.ietf.org/mailman/listinfo/tls