Thanks for noticing that Tobias. I've opened an erratum, but am still waiting
for the RFC editor's email confirming it. I'll pass that along when that comes
through.
(This is the result of a bug in NSS, so in case you are interested:
https://bugzilla.mozilla.org/show_bug.cgi?id=1549225)
On S
Hi,
the example handshake traces for TLS 1.3 (RFC8448) seems not to fully
comply to the TLS 1.3 standard (RFC8446).
RFC8446 in 4.2.3. says that an implementation must not offer deprecated
algorithms in the signature algorithms extension:
"In TLS 1.2, the extension contained hash/signature pairs.
