On 24 September 2016 at 10:35, Nick Sullivan <nicholas.sulli...@gmail.com> wrote:
> 1) Move DistinguishedName out of the structure and define it as a TLS-style
> extension. It's not a required field.
> 2) Remove SignatureScheme from structure, and instead change the behavior of
> the "signature_algorithms" extension to include all server-supported
> SignatureSchemes in the ServerHello in descending order of preference.

This is my preference too. I get that this means that you have to remember more if you might support client authentication, but it removes yet another bespoke parser and extension point.

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls