On Tue, May 20, 2025 at 07:31:23PM +0200, Alicja Kario wrote:
> I would like to point out that we need the same kind of codepoints no matter
> if we want to use SLH-DSA in the end entity certificates or in CA
> certificates.
This assumes that one bothers signalling support for certificate
signature algorithms separately from TLS signature algorithms. AFAIK,
that's rarely done in practice. If SLH-DSA is not enabled for signing
the certiificate verify message, I don't expect to see it supported in
CA certificates either, at least in the near term.
--
Viktor.
_______________________________________________
TLS mailing list -- tls@ietf.org
To unsubscribe send an email to tls-le...@ietf.org
