[
https://issues.apache.org/jira/browse/SSHD-895?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17087027#comment-17087027
]
FliegenKLATSCH commented on SSHD-895:
-------------------------------------
Hm.. if it is like this, would it not get really worse if we add all the *-cert
algorithms in SSHD-660?
I am not sure if two more or less really matter in that case? Also this would
raise security and users are still able to disable this in case they encounter
such a server?
But anyhow thanks for the explanation. :)
> Add support for RSA + SHA-256/512 signatures
> --------------------------------------------
>
> Key: SSHD-895
> URL: https://issues.apache.org/jira/browse/SSHD-895
> Project: MINA SSHD
> Issue Type: Improvement
> Affects Versions: 2.3.0
> Reporter: Lyor Goldstein
> Assignee: Lyor Goldstein
> Priority: Major
> Fix For: 2.3.0
>
>
> See https://tools.ietf.org/html/rfc8332 - *Note:*
> {quote}
> Servers that accept rsa-sha2-* signatures for client authentication
> SHOULD implement the extension negotiation mechanism defined in
> [RFC8308], including especially the "server-sig-algs" extension.
> {quote}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
