HI, TLS 1.3 makes perfect sense. TLS 1.1 is thankfully pretty much outlawed now everywhere. TLS 1,2 acceptable as a minimum. Most frameworks and audit criteria looks to 1.3. https://www.ncsc.gov.uk/pdfs/guidance/using-tls-to-protect-data.pdf <https://www.ncsc.gov.uk/pdfs/guidance/using-tls-to-protect-data.pdf#:~:text=The%20NCSC%20recommends%20that%20government%20systems%20using%20TLS,only%20TLS%20versions%201.3%20and%201.2%20be%20deployed.> Who doesn't love and elliptical curve :) Carol On Fri, Dec 6, 2024 at 6:51 PM Salvatore D'Agostino <sal@idmachines.com> wrote:
Yes, interesting, passing along. Thanks Dan.
Building on TLS 1.3 for client/server makes a lot of sense.
Here is the technical article referenced in the blog post.
1063.pdf <https://eprint.iacr.org/2023/1063.pdf>
The record layer effectively uses a receipt.
*From:* Daniel Schleifer <dan@idmachines.com> *Sent:* Friday, December 6, 2024 1:00 PM *To:* Salvatore D'Agostino <sal@idmachines.com> *Subject:* Certificate usage
Hi Sal,
I saw this article and thought it was interesting.
https://brave.com/blog/distefano/
_______________________________________________ A Community Group mailing list of KantaraInitiative.org Wg-pemc mailing list -- wg-pemc@kantarainitiative.org To unsubscribe send an email to staff@kantarainitiative.org List archives -- https://mailman.kantarainitiative.org/hyperkitty/list/wg-pemc@kantarainitiat... ______ Group wiki -- https://kantara.atlassian.net/wiki/spaces/Wg-pemc