On Tue, Dec 13, 2016 at 01:47:28PM +0200, Yoav Nir wrote: > Hi > > 1. Leave it as its current inconsistent state > 2. Change 4492bis: > a. no new curves for ed25519 and ed448. > b. Two new signature algorithms, and request values 7 and 8 for them. > c. new hash algorithm 0x08 and call it something like “intrinsic” > 3. Change TLS 1.3, by using 0x0007 for both EdDSA signature_algorithms and > add two values to supported_groups. > 4. A hybrid of 2 & 3: > a. No new curves for 4492bis > b. Two new signature algorithms with values 0x07 and 0x08 > c. TLS 1.3 will modify the values to 0x0007 and 0x0008 > > There may be more options possible > > What do people think?
I would prefer backporting TLS 1.3 methods, i.e. option 2. In fact, that is what TLS library (btls) I have written does (it recognizes 0807 and 0808 even in TLS 1.2 and attempts to verify the signature). -Ilari _______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
