On Monday, July 13, 2015 01:11:29 pm Andrei Popov wrote: > My preference would be to keep the client explicitly advertising its > capabilities, and the server strictly honoring the client-advertised > capabilities. And since the concept of "default algorithms" confuses people, > let's just get rid of it in 1.3. Conveniently, most of this WG no longer > wants SHA1 or MD5. Why not just make signature_algorithms (even more) clearly > and unambiguously MTI in 1.3?
Yep. I already have that in a WIP branch at the moment. I'm merging together all my WIPs from WG discussion on the topics of alerts and certs here: https://github.com/davegarrett/tls13-spec/compare/seanfixesredux...davegarrett:alertsandcerts There's a backlog of PRs on main, so diffing on top of Sean Turner's fixes branch to reduce noise in the diff. Dave _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
