Can someone explain the significance of Certificate Signature algorithm in the selection of Cipher suite in a TLS communication?
Asked
Active
Viewed 124 times
0
-
@schroeder I am trying to understand if the signature algorithm of a certificate has any role in the ciphersuite selection during the TLS communication. – Redhat Aug 21 '19 at 08:40
-
Ah, that's much clearer, thank you. – schroeder Aug 21 '19 at 09:05
-
In the past , CloudFlare did this: https://blog.cloudflare.com/sha-1-deprecation-no-browser-left-behind/. Returning SHA-1 or SHA-2 signed certificate depending on how the client presented itself (in order to help old clients blocked at the SHA-1 case). So it is kind of the exact reverse: based on what crypto algorithms the client presented, the server offered a certificate signed differently. – Patrick Mevzek Aug 27 '19 at 23:04