On Mon, Dec 11, 2017 at 08:59:44AM +0100, Nikos Mavrogiannopoulos wrote:
> On Tue, 2017-12-05 at 12:00 +0100, Nikos Mavrogiannopoulos wrote:
> > On Mon, 2017-12-04 at 17:24 -0800, Eric Rescorla wrote:
> > > Hi folks,
> > >
> > > I've put together a PR that attemps to address the PSS issue.
> > >
On Tue, 2017-12-05 at 12:00 +0100, Nikos Mavrogiannopoulos wrote:
> On Mon, 2017-12-04 at 17:24 -0800, Eric Rescorla wrote:
> > Hi folks,
> >
> > I've put together a PR that attemps to address the PSS issue.
> >
> > See:
> > https://github.com/tlswg/tls13-spec/pull/1114
As I guess, we cannot man
On Mon, 2017-12-04 at 17:24 -0800, Eric Rescorla wrote:
> Hi folks,
>
> I've put together a PR that attemps to address the PSS issue.
>
> See:
> https://github.com/tlswg/tls13-spec/pull/1114
>
>
> Because there are platforms which don't have any support for PSS in
> the cert validator, at all,
On Tue, Dec 5, 2017 at 12:24 PM, Eric Rescorla wrote:
> - A separate extension that refers only to the cert chain
> - Two sets of RSA code points, one for PSS and one for PKCS#1.
To be clear, this is two sets of RSA-PSS code points, one for PSS SPKI
and one for PKCS#1 SPKI.
That's awful, but I a
