On Wed, Jun 29, 2016 at 6:21 PM, Salz, Rich <rsalz at akamai.com> wrote: > > > To repeat: X25519 only supports key exchange. The 25519 signing > > mechanism is not yet defined. > Which I don't have a problem with. But surely the openssl command line tool should provide a mechanism for allowing an X25519-based certificate to be signed by a CA. Its seems that the "certificate request" protocol, which requires self-signing, prevents this in this case. Mike > > And see also: https://datatracker.ietf.org/doc/draft-ietf-curdle-pkix/ > > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160629/fad037eb/attachment.html>
