On Fri, 22 Nov 2024 at 20:39, Ilari Liusvaara <ilariliusva...@welho.com> wrote:
> On Fri, Nov 22, 2024 at 07:34:18PM +0530, tirumal reddy wrote: > > Thank you, Alicja, for the review. I agree with all your comments and > have > > raised a PR https://github.com/tireddy2/composite-mldsa/pull/1 to > address > > them. > > I think it would be better to have a footnote for the two > SignatureScheme values that are not allowed in signature_algorithms than > adding a whole new column. The TLS ExtensionType Values already has such > footnote for non-standard behavior in where the ech_outer_extensions > extension can appear. > Sure, added a footnote. > > However, I do not think it is clear if clent is allowed to send the > values in signature_algorithms or not. And if not, how is the server to > handle the values appearing anyway? And the values are definitely not > allowed to appear in CertificateVerify, but this is not stated. > Thanks, updated draft to provide clarification. -Tiru > > As reference, TLS 1.3 does allow PKCS#1 v1.5 signatures in > signature_algorithms, but not in CertificateVerify. And there are no > notes in the registry about that. > > > > > -Ilari > > _______________________________________________ > TLS mailing list -- tls@ietf.org > To unsubscribe send an email to tls-le...@ietf.org >
_______________________________________________ TLS mailing list -- tls@ietf.org To unsubscribe send an email to tls-le...@ietf.org
