I looks like we have consensus to move forward with this PR (PSS), please apply the change. I think Russ's suggestion improves the text.
Thanks, Joe On Thu, Sep 10, 2015 at 1:18 PM, Eric Rescorla <e...@rtfm.com> wrote: > https://github.com/tlswg/tls13-spec/pull/239 > > Based on the WG discussion, I've created a PR for adding support for PSS. > The basic tactic I took is: > > - All in-protocol RSA signatures (i.e., in CertificateVerify) are PSS > - You must use MGF1 with the same hash as you used for the content. > - I added a rsa_pss SignatureAlgorithm field. > > The impact of this is that endpoints can sunset support for RSASSA-PKCS1 > by omitting it from SignatureAlgorithms. > > Note that I didn't deprecate SHA-1 (something Hanno suggested) but I expect > to in another PR based on WG consensus. > > Please take a look. > > -Ekr > > > > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls > >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
