[prev in list] [next in list] [prev in thread] [next in thread]
List: ietf-tls
Subject: [TLS] RFC4492bis - Clairify sections 2.1 and 2.2 with respect to RFC 5246 7.4.2.
From: Henrik_Grubbström <grubba () gmail ! com>
Date: 2015-01-14 16:08:47
Message-ID: CALuAYvYtmNxj444NJO8n+=eJSwph62ynyw1ZU1rUEeuHpUENQQ () mail ! gmail ! com
[Download RAW message or body]
[https://github.com/tlswg/rfc4492bis/issues/3]
In TLS 1.2 the restrictions on what certificates are allowed in a
certificate chain were relaxed so the following text from sections 2.1
and 2.2 in the RFC4492bis draft should be clarified with respect to
TLS 1.2:
2.1:
In ECDHE_ECDSA, the server's certificate MUST contain an ECDSA-
capable public key and be signed with ECDSA.
2.2:
The server certificate MUST be signed with RSA.
There's also similar text in section 5.3 Table 3.
--
Henrik Grubbström grubba@grubba.org
Roxen Internet Software AB grubba@roxen.com
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic