gnutls-devel

TLS 1.2 Signature Algorithms ClientHello extension


From: Heit, James R
Subject: TLS 1.2 Signature Algorithms ClientHello extension
Date: Mon, 19 Dec 2011 14:19:39 -0600

Hello,

 

I have been working on the implementation of the TLS 1.2 protocol. TLS 1.2 requires servers to handle the Signature Algorithms extension to the ClientHello handshake message. My reading of RFC 5246 (7.4.1.4.1.) indicates that if the client presents the extension (it can be omitted) it should include all hash/signature algorithm pairs the client is willing to process. While running the latest version of FileZilla, which uses GnuTLS 2.10.4, the only proposed Signature Algorithm is {SHA512,RSA}. If I stick with the RFC, the handshake will fail, as my {SHA1,RSA} signed certificate is not in the list.

I’m not saying Microsoft is always right (in this case I think they are), but IE8/Win7 sends 7 Signature Algorithms in the extension: {SHA256,RSA},{SHA384,RSA},{SHA1,RSA},{SHA256,ECDSA},{SHA384,ECDSA},{SHA1,ECDSA},{SHA1,DSA}.

 

Thanks and looking forward to your response.

 

Jim Heit

 

 

James Heit  |  Principal Engineer  |  OSD Networking

Unisys  |  2470 Highcrest Road, Roseville, MN, USA |  1-651-635-7739 |  Net2 524-7739
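
Added example, not part of the original message and not GnuTLS code: a server-side check of a certificate's {hash, signature} pair against the `signature_algorithms` extension data, using the RFC 5246 (7.4.1.4.1) code points and the two client lists quoted in the message. The function name, the byte arrays and the simplified handling of an omitted extension (SHA-1 with any of RSA, DSA or ECDSA, rather than keyed on the negotiated key exchange) are assumptions of this sketch.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* HashAlgorithm / SignatureAlgorithm code points from RFC 5246, 7.4.1.4.1 */
enum { H_SHA1 = 2, H_SHA256 = 4, H_SHA384 = 5, H_SHA512 = 6 };
enum { S_RSA = 1, S_DSA = 2, S_ECDSA = 3 };

/* Hypothetical helper: is a certificate signed with {hash, sig} acceptable?
 * ext/len is the extension_data of signature_algorithms, or NULL when the
 * client omitted the extension.
 * Returns 1 = offered, 0 = not offered, -1 = malformed (reject ClientHello). */
int sigalgs_allows(const uint8_t *ext, size_t len, uint8_t hash, uint8_t sig)
{
    if (ext == NULL)  /* omitted: simplified RFC default, SHA-1 with the key type */
        return hash == H_SHA1 && (sig == S_RSA || sig == S_DSA || sig == S_ECDSA);
    if (len < 4)      /* 2-byte list length plus at least one 2-byte pair */
        return -1;
    size_t list_len = ((size_t)ext[0] << 8) | ext[1];
    if (list_len != len - 2 || list_len % 2 != 0)
        return -1;    /* length field disagrees with the data actually present */
    for (size_t i = 2; i + 1 < len; i += 2)
        if (ext[i] == hash && ext[i + 1] == sig)
            return 1;
    return 0;
}

/* Constructed sample inputs, encoded from the lists quoted in the message. */
const uint8_t gnutls_2_10_4[] = { 0x00, 0x02, 0x06, 0x01 };  /* {SHA512,RSA} */
const uint8_t ie8_win7[] = { 0x00, 0x0e, 0x04, 0x01, 0x05, 0x01, 0x02, 0x01,
                             0x04, 0x03, 0x05, 0x03, 0x02, 0x03, 0x02, 0x02 };
const uint8_t bad_length[] = { 0x00, 0x04, 0x06, 0x01 };     /* claims 4 bytes, has 2 */

int main(void)
{
    /* The server certificate in the message is signed with {SHA1,RSA}. */
    printf("GnuTLS 2.10.4 list: %d\n",
           sigalgs_allows(gnutls_2_10_4, sizeof gnutls_2_10_4, H_SHA1, S_RSA));
    printf("IE8/Win7 list:      %d\n",
           sigalgs_allows(ie8_win7, sizeof ie8_win7, H_SHA1, S_RSA));
    printf("extension omitted:  %d\n", sigalgs_allows(NULL, 0, H_SHA1, S_RSA));
    printf("bad length field:   %d\n",
           sigalgs_allows(bad_length, sizeof bad_length, H_SHA1, S_RSA));
    return 0;
}
```

A result of 0 for the single-entry list is the strict reading described in the message: the {SHA1,RSA} certificate is not among the offered pairs.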

