René Fischer
René Fischer
Definitely a good target for 3.x. Thanks for all the effort @randombit!
Interesting. I remember it was hard to find any test vectors at all. BSI TR 03111 does not mention ECKCDSA anymore specifically, but BSI TR 02102-1 still lists it as...
> @securitykernel I'm inclined to guess that there are very few productions users of ECKCDSA - I had always assumed that it was just added to tick the box for...
BSI responded that ECKCDSA really is special algorithm and that they don't know anyone using it ATM. And they're fine with just breaking compatibility with a fix here and add...
Can we merge this for 3.0? #2749 is still open probably because my feedback came after the PR was created.
So from what I can see, the following things need to be done to fix the tests: - [x] Fix ecdsa_unit test: Check whether SHA-1 is available - [ ]...
Re OCSP (via Feisty Duck TLS News): > The CA/Browser Forum has decided to deprecate the use of SHA-1 signatures in OCSP signing. SHA-1 signatures for certificates were deprecated in...
Fine for me to enable this for 3.0 and leave 2.x as-is.
I remember we (@neusdan) had long discussions about implementing this check in the first place. I revisited the code now. This seems to be the relevant section of [RFC 4055](https://www.rfc-editor.org/rfc/rfc4055#page-10):...
We decided to deprecate and no longer maintain this project. There may be a last GRUB2 update released here, so I'll keep this issue open for now.