> On May 31, 2018, at 2:43 PM, Blumenthal, Uri - 0553 - MITLL <uri@xxxxxxxxxx> wrote: > > FWIW, I'm with Viktor in this argument. From cryptography point of view he's right. I suspect he's right from the practical point of view as well. This is not so much a matter of "right" or "wrong" as arguably "sensibly pragmatic" vs. "counter-productively cautious", or is it "negligently careless" vs. "duly conservative"? So these are judgement calls, but: https://tools.ietf.org/html/rfc7525#section-4.2 does recommend both DHE and ECDHE, so I'm on solid ground viz. the IETF. -- Viktor. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
