> From: openssl-users <openssl-users-bounces@xxxxxxxxxxx> On Behalf Of ???? > Sent: Sunday, 29 August, 2021 07:04 > Specifically, we are trying to enable “ephemeral public key” and > “ephemeral private key" for SSL/TLS. I'm afraid it is not clear to me, at least, what you are trying to do. Are you attempting to implement a standard protocol that incorporates ephemeral key pairs, such as EKE, into TLS? Are you implementing a standard specifically for TLS that I'm not aware of? (That's quite possible; I don't follow TLS standards closely.) If not, what is your use case? How do you see your protocol interacting with TLS? Some might argue that OpenSSL is not especially well-suited for adding experimental ciphersuites and protocols to its TLS implementation. Its focus is on providing a secure and rich commercial implementation of TLS and various cryptographic operations and protocols, not on providing a toolkit for researchers. I've never used quictls (as I think QUIC is broadly undesirable for most applications), but my understanding is that it's a fork of OpenSSL, so it's probably not any better in that regard. -- Michael Wojcik
