> On Nov 20, 2018, at 00:20, Christian Huitema <huitema@xxxxxxxxxxx> wrote: > > > >> On Nov 19, 2018, at 5:26 AM, Michael Richardson <mcr+ietf@xxxxxxxxxxxx> wrote: >> >> Can you give me an example of what you mean? >> (i.e. "Use "TLS MUST NOT in a sentence" :-) > > Of course it can be done: > "Clients SHOULD detect repeated use of the same [EC]DH key share by a server, and MAY terminate TLS connections with alert Repeated-key-share detected when detecting this form of server misbehavior." It will just use prf(secretseed) maybe with a prefix for random(number of rounds). How will you detect those ? > That belongs in the to be written RFC "ETSI extensions to TLS considered harmful". Of course, we may debate whether we want to publish such RFC. I would like to see a discussion of this, even if we end up not writing one. Paul
