On Thu, Mar 23, 2017 at 10:23 PM, Viktor Dukhovni <ietf-d...@dukhovni.org> wrote:
> > On Mar 24, 2017, at 1:08 AM, Martin Thomson <martin.thom...@gmail.com> wrote:
> >
> >> I've never seen
> >> a TLS server that has multiple chains to choose from for the same
> >> server identity.
> >
> > Both chains of course use SHA256.

I am too lazy to check if it's still true but at least for a while
https://www.mozilla.org/ had both a SHA-1 and a SHA-256 certificate so
that we could serve Firefox to people on very downrev browsers (e.g., XP).

-Ekr

> Sorry I meant to say multiple digest algorithms for otherwise
> identical chains (same public key algorithm and server name).
>
> Even in the SMTP space some servers have both RSA and ECDSA certs.
> When that's the case, cipher negotiation ensures that the selected
> EE certificate's public key algorithm is mutually supported.
>
> There's still little need to pay attention to the client's signature
> algorithms in choosing the EE-certificate and associated chain.
>
> --
> Viktor.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
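The chain-selection step the thread is arguing about, as an added example that is not from any of the posters: a Go `tls.Config.GetCertificate` hook for a server that holds an ECDSA chain and an RSA chain for the same name, and lets the standard library's `ClientHelloInfo.SupportsCertificate` decide which one this particular client (its signature_algorithms, cipher suites and SNI) can take. The host name and the self-signed leaves are constructed test material; assumes Go 1.18 or later.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/rsa"
	"crypto/tls"
	"crypto/x509"
	"errors"
	"math/big"
	"time"
)

// selfSigned builds a throwaway self-signed leaf for host: constructed test
// material standing in for a real chain, not a deployment certificate.
func selfSigned(host string, pub, priv any) tls.Certificate {
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), DNSNames: []string{host},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour)}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	if err != nil {
		panic(err)
	}
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: priv}
}

// demoChains: two otherwise identical chains for one hypothetical server name,
// listed in the server's preference order (ECDSA first, RSA as the fallback).
var demoChains = func() []tls.Certificate {
	ecKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	rsaKey, _ := rsa.GenerateKey(rand.Reader, 2048)
	return []tls.Certificate{selfSigned("mail.example.test", &ecKey.PublicKey, ecKey),
		selfSigned("mail.example.test", &rsaKey.PublicKey, rsaKey)}
}()

// getCertificate is what a server installs as tls.Config.GetCertificate: it
// returns the first configured chain this ClientHello can actually use.
// SupportsCertificate does the per-connection check for us: the client's
// signature_algorithms (TLS 1.3 and 1.2), its cipher suites and groups
// (TLS 1.2 and earlier), and the SNI name against the leaf.
func getCertificate(chi *tls.ClientHelloInfo) (*tls.Certificate, error) {
	for i := range demoChains {
		if chi.SupportsCertificate(&demoChains[i]) == nil {
			return &demoChains[i], nil
		}
	}
	return nil, errors.New("no configured chain is usable by this client")
}
```

A client that lists an ECDSA scheme gets the preferred ECDSA chain, an RSA-PSS-only client falls back to the RSA chain, and a client whose signature_algorithms fit neither (or whose SNI matches neither leaf) is refused rather than handed a chain it cannot verify.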