On Mon, May 19, 2025 at 01:29:40PM +0200, Filippo Valsorda wrote:
> 2025-05-19 12:41 GMT+02:00 John Mattsson <[email protected]>:
> > OpenSSL 3.5 has already shipped with the Values 0x0911 – 0x91C that
> > are in the draft.
>
> Frankly, this is a bit irritating, especially given the precedent of
> seed encodings, where we all got saddled with a fractal encoding to
> appease the "legacy" of a handful of early adopters. Now OpenSSL ships
> a production feature in a LTS version with 12 commandeered
> unregistered codepoints from the public range. Ok.
OpenSSL 3.5 DOES NOT have TLS codepoints for SLH-DSA. I don't know
where John Mattsson got that impression. The only PQ signature TLS
codepoints in OpenSSL 3.5 are:
https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-signaturescheme
0x0904 mldsa44 N [draft-tls-westerbaan-mldsa-00]
0x0905 mldsa65 N [draft-tls-westerbaan-mldsa-00]
0x0906 mldsa87 N [draft-tls-westerbaan-mldsa-00]
--
Viktor.
_______________________________________________
TLS mailing list -- [email protected]
To unsubscribe send an email to [email protected]
