From 986cf3b986c6c3e1495327eb3aa1ffc3972f2442 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tobias=20Nie=C3=9Fen?= <tniessen@tnie.de>
Date: Fri, 14 Jan 2022 17:43:40 +0100
Subject: [PATCH] doc: remove statement about (EC)DHE performance

This statement is misleading in that it says "key generation is
expensive". ECDHE key generation (over the elliptic curves that are
commonly used for TLS) is insanely fast compared to most other types
of key generation.

This statement is irrelevant for TLS 1.3, which requires (EC)DHE.

Even if this statement is somewhat true for TLS 1.2, it does not
justify discouraging the use of (EC)DHE.

PR-URL: https://github.com/nodejs/node/pull/41528
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
---
 doc/api/tls.md | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/doc/api/tls.md b/doc/api/tls.md
index 3c77f8c6c284ab..dfa7eb1d3fbb0e 100644
--- a/doc/api/tls.md
+++ b/doc/api/tls.md
@@ -89,9 +89,6 @@ the character "E" appended to the traditional abbreviations):
 * [ECDHE][]: An ephemeral version of the Elliptic Curve Diffie-Hellman
   key-agreement protocol.
 
-Ephemeral methods may have some performance drawbacks, because key generation
-is expensive.
-
 To use perfect forward secrecy using `DHE` with the `tls` module, it is required
 to generate Diffie-Hellman parameters and specify them with the `dhparam`
 option to [`tls.createSecureContext()`][]. The following illustrates the use of