thoughs in no particular order:
1. I don't think section 3's 1RTT mode works. CA already signed the
certificate if it can give out encrypted version of it, then client can
get certificate from CT log.
2. is there a reason to include just PQC algos on list of supported
algorithm endpoint? I
On Sun, Aug 06, 2023 at 08:00:00AM -0300, Alexandre Augusto wrote:
>
> I would like to share our proposal for improving ACME with algorithm
> negotiation support. The main features are:
> - Flexibility: allows clients to know (in advance) if their desired
> algorithm is supported by the server;
>
Dear chairs and WG,
I would like to share our proposal for improving ACME with algorithm
negotiation support. The main features are:
- Flexibility: allows clients to know (in advance) if their desired
algorithm is supported by the server;
- Automated Issuance of KEM certificates: currently not