On Mon, Sep 19, 2016 at 3:56 PM, Xiaoyin Liu <[email protected]> wrote:
> Hello, > > > > There seems to be a conflict in the TLS 1.3 spec on whether servers should > send “signature_algorithms” extension or not. In section 4.2.2 Signature > Algorithms <https://tlswg.github.io/tls13-spec/#signature-algorithms>, it > says: > > Servers which are authenticating via a certificate MUST indicate so by > sending the client an empty “signature_algorithms” extension. > > > > But in section 8.2 MTI Extensions > <https://tlswg.github.io/tls13-spec/#mti-extensions>, it says: > > Servers MUST NOT send the “signature_algorithms” extension > > > > So should a server send am empty “signature_algorithms” extension or not > in ServerHello? > Section 8.2 is a bug in the spec. Servers need to send sig_algs if they are signing. David Benjamin has suggested an alternative encoding which I may put in a future draft, but for -15, you need to send it. -Ekr > > Thank you! > > Xiaoyin > > _______________________________________________ > TLS mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/tls > >
_______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
