Don't know whether everyone here also reads openssl-users, so to recap,
Robert Moskowitz <> reports considerable frustration
as a result of "default_md = sha256" being incompatible with Ed25519
(and Ed448).  He's working around this with "-md null" sprinkled about
liberally, but it is not especially intutive.

What should we do here?  Perhaps we need a "default_md = default" that
picks a sensible default for each key algorithm (sha256 typically,
but "null" for EdDSA)?  Or ignore "default_md" with EdDSA, or ???


openssl-project mailing list

Reply via email to