On Mon, Jan 23, 2023 at 07:01:38AM +0000, John Mattsson wrote:

> Hi Viktor,
>
> Are point compressed secp256r1 RPKs supported?
>
> - Uncompressed secp256r1 RPKs are 91 bytes.
> - Point compressed secp256r1 RPKs are 59 bytes
> - Ed25519 RPKs are 58 bytes

It looks to me like EC keys will be sent in their default point format,
which is set when the key pair is loaded.

I don't see any text in RFC7250 that describes how the TLS supported
point formats extension relates to EC raw public keys.

On the other hand:

    https://www.rfc-editor.org/rfc/rfc8422.html#section-5.1.2

seems to say that only the uncompressed format is to be used in TLS.

If so what is the right question now? Should there be some code to make
sure that the uncompressed format is used? (Rather than rely on the
private key passed through i2d_PUBKEY() to output that form by default).

-- 
    Viktor.
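
Added example, not part of the original message and not OpenSSL code: a standard-library Python sketch of a check of the kind the message asks about, which reads the point-format octet out of a secp256r1 SubjectPublicKeyInfo and reproduces the 91-byte and 59-byte sizes quoted above. The function names are hypothetical, the sample key is constructed from the curve's base point, and only P-256 with short-form DER lengths is assumed.

```python
# AlgorithmIdentifier for id-ecPublicKey with the prime256v1 named curve.
P256_ALG = bytes.fromhex("301306072a8648ce3d020106082a8648ce3d030107")

# Constructed sample key: the P-256 base point G (public key for scalar 1).
GX = bytes.fromhex("6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296")
GY = bytes.fromhex("4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5")
UNCOMPRESSED = b"\x04" + GX + GY
COMPRESSED = bytes([0x02 + (GY[-1] & 1)]) + GX  # prefix carries the parity of y


def build_spki(point: bytes) -> bytes:
    """Wrap an encoded EC point in a P-256 SubjectPublicKeyInfo."""
    bitstr = b"\x03" + bytes([len(point) + 1]) + b"\x00" + point
    body = P256_ALG + bitstr
    return b"\x30" + bytes([len(body)]) + body  # all lengths here are < 128


def read_tlv(buf: bytes, off: int, tag: int):
    """Return (value, end offset) of one short-form DER TLV at off."""
    if off + 2 > len(buf) or buf[off] != tag:
        raise ValueError("unexpected tag or truncated header")
    length = buf[off + 1]
    if length & 0x80:
        raise ValueError("long-form length not expected in a P-256 SPKI")
    end = off + 2 + length
    if end > len(buf):
        raise ValueError("truncated value")
    return buf[off + 2:end], end


def p256_point_format(spki: bytes) -> str:
    """Classify the point encoding; does not verify the point is on the curve."""
    body, end = read_tlv(spki, 0, 0x30)
    if end != len(spki) or not body.startswith(P256_ALG):
        raise ValueError("not a bare P-256 SubjectPublicKeyInfo")
    bits, end = read_tlv(body, len(P256_ALG), 0x03)
    if end != len(body) or not bits or bits[0] != 0:
        raise ValueError("malformed BIT STRING")
    point = bits[1:]
    if len(point) == 65 and point[0] == 0x04:
        return "uncompressed"
    if len(point) == 65 and point[0] in (0x06, 0x07):
        return "hybrid"
    if len(point) == 33 and point[0] in (0x02, 0x03):
        return "compressed"
    raise ValueError("unrecognised point encoding")


def rpk_is_uncompressed(spki: bytes) -> bool:
    """Gate to apply before sending or accepting a P-256 raw public key."""
    return p256_point_format(spki) == "uncompressed"
```
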