Hi all, according to TLS 1.2 section 7.4.1.4.1, a client may use the signature_algorithms extension to signal any combinations the client supports, listed in order of preference. If the client does not use this extension, the server must use the signature algorithm in combination with SHA1. This may lead to an error on the client side when validating the certificate. Unfortunately the server is not allowed to use this extension; otherwise it could tell the client its preferences according to its security policy. Is there a standards-compliant way to utilize SHA256-based certificates on the server side even when a client does not signal additional signature algorithms?
I looked through the mailing list but did not find an immediate answer to my question, but I guess it must have been discussed already. Thank you in advance for any hint.

Best regards
Steffen

--
Steffen Fries
Siemens AG
Corporate Technology
CT RDA ITS
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
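An added example (not part of Steffen's post or of any TLS implementation) that makes the behaviour in question concrete: it parses a TLS 1.2 ClientHello body, reads the signature_algorithms extension (type 13) if present, and otherwise applies the RFC 5246 section 7.4.1.4.1 default of behaving as if the client had sent {sha1, <key type>}. A server operator can use this to check whether a given client would accept a SHA256-signed certificate. The ClientHello bytes are constructed inline for the test; the helper names (`parse_client_hello`, `signature_algorithms`, `sha256_cert_acceptable`, `build_client_hello`) are hypothetical.

```python
"""Inspect a TLS 1.2 ClientHello for the signature_algorithms extension.

Implements the rule from RFC 5246 section 7.4.1.4.1: when the extension is
absent, the server must behave as if the client had sent {sha1, <key type>}.
Example code; not taken from the mailing-list post or any TLS library.
"""
import struct

# HashAlgorithm and SignatureAlgorithm enum values from RFC 5246
HASH_NAMES = {0: "none", 1: "md5", 2: "sha1", 3: "sha224", 4: "sha256", 5: "sha384", 6: "sha512"}
SIG_NAMES = {0: "anonymous", 1: "rsa", 2: "dsa", 3: "ecdsa"}
EXT_SIGNATURE_ALGORITHMS = 13


def parse_client_hello(hello: bytes) -> dict:
    """Parse a bare ClientHello body (record and handshake headers already stripped).

    Returns the client version, offered cipher suites and a dict of
    extensions keyed by extension type, holding the raw extension_data.
    """
    pos = 0
    version = hello[pos:pos + 2]
    pos += 2
    pos += 32                                   # client random
    sid_len = hello[pos]
    pos += 1 + sid_len                          # session_id
    cs_len = struct.unpack("!H", hello[pos:pos + 2])[0]
    pos += 2
    suites = [struct.unpack("!H", hello[i:i + 2])[0] for i in range(pos, pos + cs_len, 2)]
    pos += cs_len
    cm_len = hello[pos]
    pos += 1 + cm_len                           # compression_methods
    exts = {}
    if pos < len(hello):                        # extensions block is optional
        ext_len = struct.unpack("!H", hello[pos:pos + 2])[0]
        pos += 2
        end = pos + ext_len
        while pos < end:
            etype, elen = struct.unpack("!HH", hello[pos:pos + 4])
            pos += 4
            exts[etype] = hello[pos:pos + elen]
            pos += elen
    return {"version": version, "cipher_suites": suites, "extensions": exts}


def signature_algorithms(hello: bytes, key_type: str = "rsa") -> list:
    """Return the (hash, signature) pairs the server may use, in the client's order.

    key_type is the signature algorithm matching the negotiated key exchange
    ("rsa", "dsa" or "ecdsa"). If the extension is missing, the RFC 5246
    default applies: behave as if the client sent the single pair {sha1, key_type}.
    """
    ext = parse_client_hello(hello)["extensions"].get(EXT_SIGNATURE_ALGORITHMS)
    if ext is None:
        return [("sha1", key_type)]
    (n,) = struct.unpack("!H", ext[:2])         # length in bytes of the pair list
    pairs = []
    for i in range(2, 2 + n, 2):
        h, s = ext[i], ext[i + 1]
        pairs.append((HASH_NAMES.get(h, f"hash{h}"), SIG_NAMES.get(s, f"sig{s}")))
    return pairs


def sha256_cert_acceptable(hello: bytes, key_type: str = "rsa") -> bool:
    """True if this client advertised support for a SHA256-signed certificate of key_type."""
    return ("sha256", key_type) in signature_algorithms(hello, key_type)


def build_client_hello(sig_algs=None) -> bytes:
    """Construct a minimal TLS 1.2 ClientHello body (constructed test input).

    sig_algs is a list of (hash_id, sig_id) tuples, or None to omit the extension.
    """
    body = b"\x03\x03" + bytes(32) + b"\x00"   # version 1.2, zero random, empty session id
    suites = b"\x00\x2f\xc0\x2f"               # TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
    body += struct.pack("!H", len(suites)) + suites
    body += b"\x01\x00"                        # one compression method: null
    if sig_algs is not None:
        data = b"".join(bytes([h, s]) for h, s in sig_algs)
        ext = struct.pack("!H", len(data)) + data
        ext_block = struct.pack("!HH", EXT_SIGNATURE_ALGORITHMS, len(ext)) + ext
        body += struct.pack("!H", len(ext_block)) + ext_block
    return body


if __name__ == "__main__":
    legacy = build_client_hello()                          # no extension: RFC default applies
    modern = build_client_hello([(4, 1), (2, 1)])          # {sha256,rsa}, {sha1,rsa}
    print("legacy client:", signature_algorithms(legacy), sha256_cert_acceptable(legacy))
    print("modern client:", signature_algorithms(modern), sha256_cert_acceptable(modern))
```

Run against a captured ClientHello body (the handshake message after its 4-byte header), the script shows whether the absence of the extension is what forces the server back to the SHA1 default for that client.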