[TLS] draft-rescorla-tls-suiteb-06.txt

To: "tls at ietf.org" <tls at ietf.org>, Eric Rescorla <ekr at networkresonance.com>
Subject: [TLS] draft-rescorla-tls-suiteb-06.txt
From: Rob Dugal <rdugal at certicom.com>
Date: Tue, 23 Sep 2008 15:01:10 -0400
Accept-language: en-US
Acceptlanguage: en-US
Delivered-to: ietfarch-tls-web-archive at core3.amsl.com
Delivered-to: tls at core3.amsl.com
List-help: <mailto:tls-request@ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-post: <mailto:tls@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
Sender: tls-bounces at ietf.org
Thread-index: Ackdrr3tUn6/8ZBARhONlXcjQBuQYQ==
Thread-topic: draft-rescorla-tls-suiteb-06.txt

>From section 4:
   Server and client certificates used to establish a Suite B-compliant
   connection MUST be signed with ECDSA.  For certificates used at the
   128-bit security level, the subject public key MUST use the P-256
   curve, and the digital signature MUST be calculated using the P-256
   curve and the SHA-256 hash algorithm.  For certificates used at the
   192-bit security level, the subject public key MUST use the P-384
   curve, and the digital signature MUST be calculated using the P-384
   curve and the SHA-384 hash algorithm.


Does this only apply to the client/server certificates or every certificate in the client/server chain?

-----------------------------------------------
Robert Dugal
Member of Development Group
Certicom Corp.
EMAIL: rdugal at certicom.com
PHONE: (905) 501-3848
FAX  : (905) 507-4230
WEBSITE: www.certicom.com


_______________________________________________
TLS mailing list
TLS at ietf.org
https://www.ietf.org/mailman/listinfo/tls

Follow-Ups:
- Re: [TLS] draft-rescorla-tls-suiteb-06.txt
  - From: Martin Rex

Prev by Date: Re: [TLS] Consensus call for certificate URL extension
Next by Date: Re: [TLS] Consensus call for certificate URL extension
Previous by thread: [TLS] Consensus call for certificate URL extension
Next by thread: Re: [TLS] draft-rescorla-tls-suiteb-06.txt
Index(es):
- Date
- Thread

[TLS] draft-rescorla-tls-suiteb-06.txt

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.