RE: [TLS] TLS 1.1 and static DH

[Rob Dugal <RDugal@xxxxxxxxxxxx>]

The Certicom SSL-C product does contain
implementations of static DH ciphersuites. 
We don't currently have a public server
available for testing this implementation.
If there is enough interest we can add
these ciphersuites to tls.secg.org


-----------------------------------------------
Robert Dugal
Member of Development Group
Certicom Corp.
EMAIL: rdugal@xxxxxxxxxxxx
PHONE: (905) 501-3848
FAX  : (905) 507-4230
WEBSITE: www.certicom.com

<Pasi.Eronen@xxxxxxxxx> wrote on 10/27/2006
05:30:31 AM:

> Peter Gutmann wrote:
> 
> > So perhaps the best option for TLS is to deprecate the static
DH
> > suites.  They seem to be pretty much entirely unsupported,
and even
> > if you did want to support them you'd end up in a quagmire from
> > which extrication would prove difficult.
> 
> This question may become important if we want to progress TLS 1.2
to
> Draft Standard, where we need two interoperable implementations for
> every feature.
> 
> Based on the discussion so far, it looks like static DH suites might
> be one feature where meeting that bar could be difficult.
> 
> Any opinions from the WG about this? Should we e.g. remove static
> DH suites from TLS 1.2, move them to a separate document, or
> something else?
> 
> Best regards,
> Pasi   
> 
> _______________________________________________
> TLS mailing list
> TLS@xxxxxxxxxxxxxx
> https://www1.ietf.org/mailman/listinfo/tls
_______________________________________________
TLS mailing list
TLS@xxxxxxxxxxxxxx
https://www1.ietf.org/mailman/listinfo/tls