SCVP -23 Revised to explicitly support signaling by both client and server Fairly granular specification Server policy response message specifies Signature generation, Signature verification, Hash algorithms, Key agreement keys (inc. algs, params, and kdf) Client requests Server use… Signature algorithm, Hash algorithm However, no provision to limit key sizes E.g., cannot indicate “verify RSA 1024 thru 3072” |