+1
On 9/6/16, 7:47 , "TLS on behalf of Gilles Van Assche" <tls-boun...@ietf.org on behalf of gilles.vanass...@st.com> wrote: Hello, For RSA PSS, I would suggest to consider: rsa_pss_shake128 rsa_pss_shake256 where SHAKE128 (or 256), as an exendable output function (XOF), directly replaces the mask generating function MGF. This would make RSA PSS simpler and more efficient. Kind regards, Gilles On 01/09/16 19:38, Hubert Kario wrote: The SHA-3 standard is already published and accepted[1], shouldn't TLSv1.3 include signatures with those hashes then? I think at least the following signature algorithms should be added: ecdsa_secp256r1_sha3_256 ecdsa_secp384r1_sha3_384 ecdsa_secp521r1_sha3_512 rsa_pss_sha3_256 rsa_pss_sha3_384 rsa_pss_sha3_512 1 - https://www.federalregister.gov/articles/2015/08/05/2015-19181/ announcing-approval-of-federal-information-processing-standard-fips-202-sha-3- standard
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
