On Mon, Jan 23, 2023 at 07:01:38AM +0000, John Mattsson wrote:
> Are point compressed secp256r1 RPKs supported?
There is no RPK-specific code that either accepts or rejects point
compression in ECDSA public keys received from the peer:
https://www.rfc-editor.org/rfc/rfc5480#section-2.2
Assuming OpenSSL's d2i_PUBKEY(3) can decode these, they'll be
accepted. I don't recall seeing any code to transmit point
compressed public keys *to* the peer, but may have missed it,
wasn't looking at the codec that closely.
> - Uncompressed secp256r1 RPKs are 91 bytes.
> - Point compressed secp256r1 RPKs are 59 bytes
> - Ed25519 RPKs are 58 bytes
The
--
Viktor.
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
