Thanks, I'll read up on your discussion there.
My original use for this is to share the same certificate and key on a
process that has both a TLS and DTLS connection. I went with just making
the DTLS derive a PSK from the keying material of the TLS.
On 18/11/2019 16:42, Matt Caswell wrote:
>
>
> On 17/11/2019 01:43, Rafael Ferrer wrote:
>> It's DTLS-OK according to IANA.
>> https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-16
>>
>>
>> I tested ED25519 certificates on TLS 1.2 and it worked fine.
>>
>> open
On 17/11/2019 01:43, Rafael Ferrer wrote:
> It's DTLS-OK according to IANA.
> https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-16
>
>
> I tested ED25519 certificates on TLS 1.2 and it worked fine.
>
> openssl s_server -port 4321 -cert server-cert.pem -key se
It's DTLS-OK according to IANA.
https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-16
I tested ED25519 certificates on TLS 1.2 and it worked fine.
openssl s_server -port 4321 -cert server-cert.pem -key server-key.pem
-CAfile client-cert.pem -tls1_2 -sigalgs ed255