On Thursday, 1 September 2016 12:43:31 CEST Benjamin Kaduk wrote: > On 09/01/2016 12:38 PM, Hubert Kario wrote: > > The SHA-3 standard is already published and accepted[1], shouldn't TLSv1.3 > > include signatures with those hashes then? > > Why does it need to be part of the core spec instead of a separate document?
because: we also are adding RSA-PSS to TLSv1.2 in this document, I don't see why it needs to be delayed. Finally, TLSv1.2 added SHA-2 just like that, it was not tacked on later. Note that I do not suggest that implementation of SHA-3 signature algorithms should be recommended, let alone mandatory for TLSv1.3, just that the standard include the codepoints. > > 1 - https://www.federalregister.gov/articles/2015/08/05/2015-19181/ > > > > announcing-approval-of-federal-information-processing-standard-fips-202-sh > > a-3- standard > > I think we generally end up with a RFC specifying how to use them in > IETF protocols and then cite the RFC instead of the NIST publication > directly. I would see that as necessary for RSASSA-PKCS1_v1.5, as it needs the values for hash info, but neither ECDSA nor RSASSA-PSS require them. I think that RFC 3447 is enough to implement RSASSA-PSS with SHA-3. Also, is see RFC 5246 referencing the NIST publication directly, not the RFC 4634... -- Regards, Hubert Kario Senior Quality Engineer, QE BaseOS Security team Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
