Hi all, I need a clarification regarding the use of the signature algorithms.
Reading Section 4.2.3. "Signature Algorithms" I got the impression that there is a new extension being defined called 'supported_signature_algorithms', which replaces the previous 'signature_algorithm' extension.
The difference between the 'signature_algorithm' extension in RFC 5246 and the newly defined 'supported_signature_algorithms' extension is that the new extension only contains the digital signature algorithm and not the hash function anymore.
If that's indeed the intention I would prefer if the text uses the 'supported_signature_algorithms' rather than 'signature_algorithms'. (as it is done in Section 4.4.2. "Certificate Verify"). Unfortunately the term 'signature_algorithms' is used in many other places in the document itself, including the IANA consideration section that makes a reference to RFC 5246.
Is it correct that the 'supported_signature_algorithms' extension replaces the 'signature_algorithm' extension from RFC 5246?
Ciao Hannes _______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
