> On May 22, 2017, at 1:27 PM, Benjamin Kaduk <bka...@akamai.com> wrote:
>
>> Isn't the language in question tackling a non-problem?
>
> It probably is, but I don't feel a need to spend a lot of my time pushing
> for it to be removed.
Well, the reason for this sub-thread is that I just to waste a bunch of cycles
to avoid new code in OpenSSL that would implement the spec as written and
needlessly break applications that don't care about PKIX certificates.
A nameless team member suggested casually that such applications can just
disable TLS 1.3...
And yet TLS 1.3 brings desirable improvements, and should not have needless
restrictions on the supported use cases.
Therefore, the language should go, or needs to be amended to make it clear
that TLS does not prohibit (mandate connection abort, ...) the appearance
of any certificate signature algorithms in the certificate message. Advice
to not trust such algorithms for authentication is unnecessary, but acceptable.
--
Viktor.
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
