On Fri, Nov 22, 2024 at 07:34:18PM +0530, tirumal reddy wrote: > Thank you, Alicja, for the review. I agree with all your comments and have > raised a PR https://github.com/tireddy2/composite-mldsa/pull/1 to address > them.
I think it would be better to have a footnote for the two SignatureScheme values that are not allowed in signature_algorithms than adding a whole new column. The TLS ExtensionType Values already has such footnote for non-standard behavior in where the ech_outer_extensions extension can appear. However, I do not think it is clear if clent is allowed to send the values in signature_algorithms or not. And if not, how is the server to handle the values appearing anyway? And the values are definitely not allowed to appear in CertificateVerify, but this is not stated. As reference, TLS 1.3 does allow PKCS#1 v1.5 signatures in signature_algorithms, but not in CertificateVerify. And there are no notes in the registry about that. -Ilari _______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
