On Mon, Jan 11, 2016 at 11:38:25PM +0000, Andrei Popov wrote:
> Yes, per RFC 5246:
> " If the client provided a "signature_algorithms" extension, then all
> certificates provided by the server MUST be signed by a
> hash/signature algorithm pair that appears in that extension."
Yes. Though for the record, and as discussed ad nauseam before,
this is a bug in the RFC, and should not be implemented as written.
(Please let's not re-open that thread).
Ideally, at some point SChannel will implement the TLS 1.3 draft
bug fix also for TLS 1.2.
--
Viktor.
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
