You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Dropping this is an intentional change. The hs2019 algorithm identifier definition (itself a late addition to one of the input I-D's) was an artifact of the alg parameter being required by the spec, so it was a placeholder that said "ignore the algorithm and go find something else". In other words, it was functionally vestigial. This parameter is no longer required, meaning the behavior of hs2019 of determining the algorithm from the key, context, configuration, or environment is now the default behavior. The explicit algorithm identifier of alg is also allowable in circumstances that require it, but it's overridden by the context (ie: they have to match if both specified). Also the parameters are now signed, which wasn't the case before. This discussion happened over the course of a few different issues and pull requests on here. The discussion is expanded in #1455 and will hopefully be more clear in the next draft being published soon.
I just noticed that the only supported algorithm
hs2019
present in message-signatures-02 §5.1.2.1 has gone in message-signatures-03 replaced by the old style of algorithm specification.Was this discussed somewhere? Is it permanent or an oversight?
The text was updated successfully, but these errors were encountered: