Support for deterministic ECDSA signatures

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Support for deterministic ECDSA signatures

OpenSSL - Dev mailing list
Hi,

Would it be possible to have OpenSSL support generation of ECDSA signatures in a deterministic manner?

This would be necessary to implement RFC6962-bis. Specifically, Section 12.4 (draft 21) requires the use of deterministic signatures (https://tools.ietf.org/html/draft-ietf-trans-rfc6962-bis-21#section-12.4).

The rationale behind it is to prevent fingerprinting/tracking of TLS clients by producing Signed Tree Heads / Signed Certificate Timestamps with the same data but different signatures, then tracking propagation of these SCTs / STHs via gossip protocols.

Thanks,
Eran


--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev