On 6 February 2017 at 11:12, Nikos Mavrogiannopoulos <[email protected]> wrote: > TLS 1.3 requiring a different key type, will provide an incentive for > them to update.
I don't think that's how this works. More likely, that would become a reason not to deploy TLS 1.3 if you insist that only RSA-PSS certs are used. Yes, I know that it's relatively easy to configure a PSS certificate separately. I wrote the code that did that in NSS, but it's going to remain the case that most servers have one cert. If you have one cert, then it's going to be the one that works with all the clients. _______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
