Hello, There seems to be a conflict in the TLS 1.3 spec on whether servers should send "signature_algorithms" extension or not. In section 4.2.2 Signature Algorithms<https://tlswg.github.io/tls13-spec/#signature-algorithms>, it says: Servers which are authenticating via a certificate MUST indicate so by sending the client an empty "signature_algorithms" extension.
But in section 8.2 MTI Extensions<https://tlswg.github.io/tls13-spec/#mti-extensions>, it says: Servers MUST NOT send the "signature_algorithms" extension So should a server send am empty "signature_algorithms" extension or not in ServerHello? Thank you! Xiaoyin
_______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
