Re: [TLS] TLS 1.2 hash agility

To: Eric Rescorla <ekr at networkresonance.com>
Subject: Re: [TLS] TLS 1.2 hash agility
From: Mike <mike-list at pobox.com>
Date: Thu, 27 Sep 2007 10:20:47 -0700
Cc: tls at ietf.org
In-reply-to: <46FBDF1F.4050604@pobox.com>
List-archive: <http://www1.ietf.org/pipermail/tls>
List-help: <mailto:tls-request@lists.ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-post: <mailto:tls@lists.ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
References: <46ABB82D.8090709@pobox.com> <46ACCCCB.8000201@pobox.com> <B356D8F434D20B40A8CEDAEC305A1F24046B2496@esebe105.NOE.Nokia.com> <20070914215611.0342933C21@delta.rtfm.com> <46EB102E.2070900@pobox.com> <20070914225606.9E9B433C21@delta.rtfm.com> <46EC2AE7.9040903@pobox.com> <20070917185820.6E7CC33C3A@delta.rtfm.com> <46FA745A.3070305@pobox.com> <20070926152907.8A60B33C23@delta.rtfm.com> <46FA91E8.5020303@pobox.com> <46FB4397.6040203@pobox.com> <46FBBBBE.7000108@pobox.com> <20070927143028.7EF4433C21@delta.rtfm.com> <46FBC5A1.7020501@pobox.com> <20070927161005.7CB8C33C28@delta.rtfm.com> <46FBDF1F.4050604@pobox.com>
User-agent: Thunderbird 2.0.0.6 (Windows/20070728)

Remember that the signature over the client's certificate and CertificateVerify is for the client's benefit, not the servers, and vice versa....
I thought that the signature over the client's certificate
was to prove to the server that you have the corresponding
private key, and therefore that you are the entity named in
the certificate (and deserve access to private information
about that entity).


Oops, I meant signature in CertificateVerify.

Mike

_______________________________________________
TLS mailing list
TLS at lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls

References:
- [TLS] TLS 1.2
  - From: Mike
- [TLS] TLS 1.2 hash agility
  - From: Mike
- RE: [TLS] TLS 1.2 hash agility
  - From: Pasi.Eronen
- Re: [TLS] TLS 1.2 hash agility
  - From: Eric Rescorla
- Re: [TLS] TLS 1.2 hash agility
  - From: Mike
- Re: [TLS] TLS 1.2 hash agility
  - From: Eric Rescorla
- Re: [TLS] TLS 1.2 hash agility
  - From: Mike
- Re: [TLS] TLS 1.2 hash agility
  - From: Eric Rescorla
- Re: [TLS] TLS 1.2 hash agility
  - From: Mike
- Re: [TLS] TLS 1.2 hash agility
  - From: Eric Rescorla
- Re: [TLS] TLS 1.2 hash agility
  - From: Mike
- Re: [TLS] TLS 1.2 hash agility
  - From: Mike
- Re: [TLS] TLS 1.2 hash agility
  - From: Mike
- Re: [TLS] TLS 1.2 hash agility
  - From: Eric Rescorla
- Re: [TLS] TLS 1.2 hash agility
  - From: Mike
- Re: [TLS] TLS 1.2 hash agility
  - From: Eric Rescorla
- Re: [TLS] TLS 1.2 hash agility
  - From: Mike

Prev by Date: Re: [TLS] TLS 1.2 hash agility
Next by Date: Re: [TLS] TLS 1.2 hash agility
Previous by thread: Re: [TLS] TLS 1.2 hash agility
Next by thread: Re: [TLS] TLS 1.2 hash agility
Index(es):
- Date
- Thread

Re: [TLS] TLS 1.2 hash agility

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.