@BRIAN_____ You know what... I'm willing to draw some fire. I'll ask the other authors, ADs, and maybe WG...
@ralphholz I think the problem was that there was a point at which it was decided it was more important to be finished than to be right.
@BRIAN_____ That's wrong. It was: if we MUST NOT DH1024, there are many servers that can't implement it, which is counter to a BCP's intent.
@ralphholz Did anybody present data showing that there are a large # of real-world connections by clients that can't do 2048 bits or ECDHE?
@BRIAN_____ Data, I don't think so. Although I'd guess @zakirbpd's data shows it now. In the IETF, I recall enough being against it.
@ralphholz I don't think many people would make an argument for recommending 1024-bit DHE as option #3 today, at least.
@BRIAN_____ You'd be surprised. The NSA is not the only opponent you're trying to defend against. I drew fire for bringing up MUST NOT NULL.
@ralphholz I know that gov'ts aren't the only opponents. But, people expect UTA to recommend (only?) things that are effective against them.
@BRIAN_____ Also, it was not possible to get other consensus...