* I suppose an algorithm could be added to the TLS SignatureScheme registry even if it did have one, two, or three hundred KB public keys and so was unlikely to ever be used for TLS. However, I just wanted to raise a potential issue with limiting Certificate Transparency to only using signature schemes approved for use with TLS.
This is a reasonable point to consider, but as the WG has been in “get this draft published and then close” for a few years now, it’s probably too late.
_______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
