Re: Policy 2.7 Proposal: Clarify Section 5.1 ECDSA Curve-Hash Requirements

2019-05-22 Thread Brian Smith via dev-security-policy
Ryan Sleevi wrote:
>
>> It would be easier to understand if this is true if the proposed text
>> cited the RFCs, like RFC 4055, that actually impose the requirements that
>> result in the given encodings.
>>
>
> Could you clarify, do you just mean adding references to each of the
> example

Re: Policy 2.7 Proposal: Clarify Section 5.1 ECDSA Curve-Hash Requirements

2019-05-22 Thread Daniel McCarney via dev-security-policy
> Note that this is applicable for signatureAlgorithms as well (and the same
> section of the RFC), and this is again something cablint picks up and zlint
> misses. However, it seems CAs happened to already have revoked these
> certificates - perhaps from internal linting efforts that looked at

RE: Policy 2.7 Proposal: Clarify Section 5.1 ECDSA Curve-Hash Requirements

2019-05-22 Thread Arvid Vermote via dev-security-policy
GlobalSign has revoked the respective certificates and is investigating root cause.

Thanks.

> -Original Message-
> From: dev-security-policy On
> Behalf Of Ryan Sleevi via dev-security-policy
> Sent: dinsdag 21 mei 2019 6:06
> To: Brian Smith
> Cc: Ryan Sleevi ;