8 Dec
2015
8 Dec
'15
10:08 p.m.
On Tue, 2015-12-08 at 07:24 +0100, Niels Möller wrote:
Nikos Mavrogiannopoulos n.mavrogiannopoulos@gmail.com writes:
X.509 certificate signing (I've seen certificates signed with RSASSA-PSS) and in the future, TLS 1.3 will be using it.
I see. Do you how x.509 and tls-1.3 handles the salt length? Is it prespecified, like in the definition of a tls cipher suite, or bundled with the public key, or included with each signature?
In PKIX it is part of the certificate parameters: https://tools.ietf.org/html/rfc4055#section-3
I have not checked the TLS 1.3 draft but I'd expect something similar.
regards, Nikos