On 13 December 2016 at 22:47, Yoav Nir <ynir.i...@gmail.com> wrote: > 2. Change 4492bis: > a. no new curves for ed25519 and ed448. > b. Two new signature algorithms, and request values 7 and 8 for them. > c. new hash algorithm 0x08 and call it something like “intrinsic”
This, but with a small tweak: don't treat these values as requiring special reservation (as we have done for existing hash/signature values). Rather than blocking out all 0x08 hashes, which might be the consequence of this change, we can say that a hash of 0x08 AND either 0x07 or 0x08 identify these signature schemes. We need to be able to allocate 0x0809 at some point later. Maybe also include a reference to TLS 1.3 (informative only) and mention that this is compatible with the change from SignatureAndHash to SignatureScheme in TLS 1.3. Like Ilari, I have backported the TLS 1.3 change to TLS 1.2 and it works fine. It actually fixed some old bugs (such being unable to sign with P-521 and SHA-256, but trying anyway). _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
