> For those who missed CURDLE, could you please briefly explain why we don't
> need signature context in non-TLS areas.
The one place we were concerned about attacks was in pre-hash signatures, and we made those a MUST NOT. And yes, you're right, it's not relevant to TLS.

> So why are we now saying that contexts are not needed even for TLS?

I think because the key schedule changed.

--
Senior Architect, Akamai Technologies
Member, OpenSSL Dev Team
IM: richs...@jabber.at Twitter: RichSalz

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls