0

Can someone explain the significance of Certificate Signature algorithm in the selection of Cipher suite in a TLS communication?

schroeder
  • 125,553
  • 55
  • 289
  • 326
Redhat
  • 3
  • 1
  • 3
  • @schroeder I am trying to understand if the signature algorithm of a certificate has any role in the ciphersuite selection during the TLS communication. – Redhat Aug 21 '19 at 08:40
  • Ah, that's much clearer, thank you. – schroeder Aug 21 '19 at 09:05
  • In the past , CloudFlare did this: https://blog.cloudflare.com/sha-1-deprecation-no-browser-left-behind/. Returning SHA-1 or SHA-2 signed certificate depending on how the client presented itself (in order to help old clients blocked at the SHA-1 case). So it is kind of the exact reverse: based on what crypto algorithms the client presented, the server offered a certificate signed differently. – Patrick Mevzek Aug 27 '19 at 23:04

0 Answers0