> On May 21, 2020, at 3:35 PM, Alexey Bakhtin <ale...@azul.com> wrote: > > The hash algorithm is selected on the base of the certificate > signature algorithm. > Also, the client should use SHA-256 algorithm, in case of the > certificate signature algorithm is SHA1 or MD5 According to https://www.rfc-editor.org/rfc/rfc5929#section-4.1, this is the right approach. I'm just curious if you have seen newer signature algorithms like RSASSA-PSS and EdDSA used in reality, since the latest TLS spec already defined ciphersuites around them. Thanks, Max
- Re: RFR: 8245527: LDAP Cnannel Binding support for Ja... Alexey Bakhtin
- Re: RFR: 8245527: LDAP Cnannel Binding support fo... Daniel Fuchs
- Re: RFR: 8245527: LDAP Cnannel Binding suppor... Aleks Efimov
- Re: RFR: 8245527: LDAP Cnannel Binding su... Alexey Bakhtin
- Re: RFR: 8245527: LDAP Cnannel Binding support fo... Valerie Peng
- Re: RFR: 8245527: LDAP Cnannel Binding suppor... Alexey Bakhtin
- Re: RFR: 8245527: LDAP Cnannel Binding su... Bernd Eckenfels
- Re: RFR: 8245527: LDAP Cnannel Bindi... Alexey Bakhtin
- Re: RFR: 8245527: LDAP Cnannel B... Aleks Efimov
- Re: RFR: 8245527: LDAP Cnannel Binding support for Ja... Michael Osipov
- Re: RFR: 8245527: LDAP Cnannel Binding support for Java GS... Weijun Wang
- Re: RFR: 8245527: LDAP Cnannel Binding support for Ja... Alexey Bakhtin
- Re: RFR: 8245527: LDAP Cnannel Binding support for Java GS... Alexey Bakhtin
