On Fri, Oct 22, 2021 at 04:50:05PM +0000, Salz, Rich wrote: > > This has been my impression, too, but we want to check with the > > list. > > OpenSSL has a comment "/* Only allow PSS for TLS 1.3 */" and it looks > like the code (tls12_check_peer_sigalg() in ssl/t1_lib.c) enforces > that.
So if OpenSSL client connects to server that supports PSS but not TLS 1.3, the connection will fail because the client vomits at the server response? -Ilari _______________________________________________ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta