> On Mar 24, 2017, at 1:08 AM, Martin Thomson <martin.thom...@gmail.com> wrote:
>
>> I've never seen
>> a TLS server that has multiple chains to choose from for the same
>> server identity.

Both chains of course use SHA256. Sorry, I meant to say multiple digest algorithms for otherwise identical chains (same public key algorithm and server name).

Even in the SMTP space some servers have both RSA and ECDSA certs. When that's the case, cipher negotiation ensures that the selected EE certificate's public key algorithm is mutually supported. There's still little need to pay attention to the client's signature algorithms in choosing the EE-certificate and associated chain.

--
Viktor.