On Mon, Jan 23, 2023 at 07:01:38AM +0000, John Mattsson wrote: > Are point compressed secp256r1 RPKs supported?
There is no RPK-specific code that either accepts or rejects point compression in ECDSA public keys received from the peer: https://www.rfc-editor.org/rfc/rfc5480#section-2.2 Assuming OpenSSL's d2i_PUBKEY(3) can decode these, they'll be accepted. I don't recall seeing any code to transmit point compressed public keys *to* the peer, but may have missed it, wasn't looking at the codec that closely. > - Uncompressed secp256r1 RPKs are 91 bytes. > - Point compressed secp256r1 RPKs are 59 bytes > - Ed25519 RPKs are 58 bytes The -- Viktor. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls