[TLS] CertificateRequest in TLS 1.2

To: "tls at ietf.org" <tls at ietf.org>
Subject: [TLS] CertificateRequest in TLS 1.2
From: Mike <mike-list at pobox.com>
Date: Mon, 05 Feb 2007 11:55:58 -0800
Cc:
List-archive: <http://www1.ietf.org/pipermail/tls>
List-help: <mailto:tls-request@lists.ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-post: <mailto:tls@lists.ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
User-agent: Thunderbird 1.5.0.9 (Windows/20061207)

In TLS 1.2, a CertificateRequest message has a list
of HashTypes specifying the acceptable hashes used
in certificate signatures.  There is no guidance
on the ordering of these values.  I would suggest
that the server should specify them in the order
that it prefers.  The client would scan the list
in order, and return a certificate using the first
matching hash algorithm.

Mike

_______________________________________________
TLS mailing list
TLS at lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls

Prev by Date: [TLS] Certificate Hash Types extension
Next by Date: [TLS] Re: Certificate Hash Types extension
Previous by thread: [TLS] Certificate Hash Types extension
Next by thread: [TLS] Test server with TLS 1.2, OpenPGP, SRP, PSK, X.509 and more
Index(es):
- Date
- Thread

[TLS] CertificateRequest in TLS 1.2

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.