On Mon, Nov 17, 2025 at 1:02 AM Mohamed Boucadair via Datatracker < [email protected]> wrote:
> Mohamed Boucadair has entered the following ballot position for > draft-ietf-tls-tls13-pkcs1-06: Discuss > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to > https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ > for more information about how to handle DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-tls-tls13-pkcs1/ > > > > ---------------------------------------------------------------------- > DISCUSS: > ---------------------------------------------------------------------- > > Hi David and Andrei, > > Thank you for the effort put into this specification. > > Updated the ballot [1] to take into account the feedback received so far > (including off-list clarification from Paul; Thanks). > > The only pending point is: > > # Update RFC8446/RFC8446bis > > The provisions in this draft relax what used to be disallowed in > 8446/8446bis. > This reads like an update. > > Specifically, this part from RFC8446bis: > > and > > In addition, the signature algorithm MUST be compatible with the key > in the sender's end-entity certificate. RSA signatures MUST use an > RSASSA-PSS algorithm, regardless of whether RSASSA-PKCS1-v1_5 > algorithms appear in "signature_algorithms". > Can you please identify which DISCUSS criteria item you believe this DISCUSS corresponds to? -Ekr > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > # FIPS 186-4 > > ## Please add a reference > > ## s/with FIPS 186-4/with US FIPS 186-4 > > # TLS Registries > > CURRENT: > IANA is requested to create the following entries in the TLS > SignatureScheme registry, defined in [RFC8446]. > > Isn’t draft-ietf-tls-rfc8447bis authoritative here for registry matters? I > would replace the 8446 citation with draft-ietf-tls-rfc8447bis. > > Cheers, > Med > > [1] https://mailarchive.ietf.org/arch/msg/tls/dimNOvXqeIaYflBK7s51J43p80U/ > > > > _______________________________________________ > TLS mailing list -- [email protected] > To unsubscribe send an email to [email protected] >
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
