This site reflects work in progress.

Read the specification (a precursor to an Internet Draft)

About this specification

The TLS-DH specification basically aims to revitalise ANON-DH through an extension that says:

Sure, I know ANON-DH does not authenticate the client or the server side, but it introduces PFS, which I would like to have. I promise (by sending the specified extension) not to send (or accept) any application data before authentication has completed (through secure renegotiation).
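The promise above can be modelled as a record-layer gate. The following is an added example, not code from the specification: the class and method names are hypothetical, and closing the connection on early application data is an assumption about how an endpoint would enforce the promise.

```python
from enum import Enum, auto

HANDSHAKE, APPLICATION_DATA = 22, 23  # TLS record content types


class Phase(Enum):
    ANON_DH = auto()        # anonymous DH done: forward secrecy, no authentication
    AUTHENTICATED = auto()  # peer authenticated through secure renegotiation
    CLOSED = auto()         # torn down after a violation (assumed behaviour)


class PolicyViolation(Exception):
    """Raised when a record breaks the promise made by the extension."""


class AnonDHGate:
    """Hypothetical gate for an endpoint that sent the extension."""

    def __init__(self, secure_renegotiation):
        # Whether secure renegotiation was negotiated in the first handshake.
        self.secure_renegotiation = secure_renegotiation
        self.phase = Phase.ANON_DH

    def renegotiation_finished(self, peer_authenticated):
        # Only an authenticated handshake completed through secure
        # renegotiation lifts the gate; anything else changes nothing.
        if (self.phase is Phase.ANON_DH and peer_authenticated
                and self.secure_renegotiation):
            self.phase = Phase.AUTHENTICATED

    def may_send(self, content_type):
        # Sending side of the promise: handshake records are always allowed
        # on a live connection, application data only once authenticated.
        if self.phase is Phase.CLOSED:
            return False
        return (content_type != APPLICATION_DATA
                or self.phase is Phase.AUTHENTICATED)

    def on_record(self, content_type):
        # Accepting side of the promise: early application data is rejected.
        if self.phase is Phase.CLOSED:
            raise PolicyViolation("connection closed")
        if (content_type == APPLICATION_DATA
                and self.phase is not Phase.AUTHENTICATED):
            self.phase = Phase.CLOSED
            raise PolicyViolation("application data before authentication")
```
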