Hubert Kario <hka...@redhat.com> writes: >It only doesn't matter if you don't want to verify the certificate... > >It's one thing to be able to be able to verify an RSA-PSS signature on TLS >level, it's entirely another to be able to properly handle all the different >RSA-PSS limitations when using it in SPKI in X.509.
Is there anything that's jumped through all the hoops to implement the complex mess that is PSS but then not added the few lines of code you need do verify it in certificates? And if so, why? In any case it's still encoding a minor implementation artefact of the certificate library being used into the TLS protocol, where it has absolutely no place. You either do PSS or you don't, and the TLS layer doesn't need to know what magic number you use to identify it in certificates. More to the point, for a number of certificate libraries there's no way for the TLS layer to know what magic number is used because it's a minor implementation detail that isn't exposed in the API. Peter. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
