Benjamin Kaduk <bka...@akamai.com> writes: >We'd probably want to wordsmith it a bit more, as there's not exactly a >strict ordering on hash function strength, and "minimum requirement" could be >taken to mean "MUST use SHA-256", which is presumably not the intent.
You could just say "use SHA-2", which covers the whole family. Now in practice "SHA-2" means "SHA-256" so it'll be the same as saying SHA-256 directly, but the more generic SHA-2 leaves it open to interpretation for the three people who use something other than SHA-256. Peter. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
