h2o / picotls

TLS 1.3 implementation in C (master supports RFC8446 as well as draft-26, -27, -28)

ed25519 #146

Open aep opened 6 years ago

aep commented 6 years ago

Any support planned for ed25519 with OpenSSL (coming with 1.1.1)?

kazuho commented 6 years ago

I'd assume that would be possible (picotls just advertises the signature schemes supported by OpenSSL), but are there any certificates that use ed25519?

omasanori commented 6 years ago

The X.509 extension for Curve25519 and Curve448 is still an I-D, though its status is already AUTH48 (RFC-to-be 8410). Also, CA/Browser Forum Baseline Requirements 1.59 lacks requirements for EdDSA (see section 6.1.5 for details). Thus, I guess no CA issues EdDSA certificates for now.

kazuho commented 6 years ago

It's now RFC 8410; I am happy to review a PR.