Opened 7 years ago

Closed 7 years ago

#27 closed defect (fixed)

Signature & hash alg specification

Reported by: kent@… Owned by: draft-ietf-trans-rfc6962-bis@…
Priority: major Milestone:
Component: rfc6962-bis Version:
Severity: Active WG Document Keywords:


Section 2.1.4 says that a log operator MUST use one of two specified signature algorithms with SHA-256. This implies that all clients MUST support both algorithms. Justify this requirement, or move the specification of mandatory signature and hash algorithms to another document.

Change History (2)

comment:1 Changed 7 years ago by benl@…

We would be happy with EC signatures only, but we hear that some people are still concerned about IP.

So, we have to provide an alternative for those people - RSA is considered safe, if slower and bigger, so that is what we propose.

comment:2 Changed 7 years ago by benl@…

  • Resolution set to fixed
  • Status changed from new to closed
Note: See TracTickets for help on using tickets.