On Jan 6, 2021, at 17:01, Eric Rescorla <e...@rtfm.com> wrote:
>
> This is not strictly correct: TLS allows both the client and the server to
> advertise their supported signature algorithms, which can be used by the peer
> to guide certificate selection.

How common is it for TLS servers to have multiple signature algorithms / certificates configured to support this? For IPsec, which has a similar issue, I have never seen a server configured with two certificates, e.g. to use RSA or ECDSA, or seen open source software supporting this.

Paul
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop