> > Also, if DSA was to be supported, one would need to specify how to > determine the hash function (use of fixed SHA-1 doesn't fly). And > 1024-bit prime is too small. > FIPS186-4 (http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf) partially remediates the issue. DSA now includes 2048 and 3072 sizes.
Jeff _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
