[gnutls-help] GnuTLS 3.6.0 released
Jeremy Harris
jgh at wizmail.org
Thu Sep 14 11:14:55 CEST 2017
Hi,

https://gnutls.org/reference/gnutls-abstract.html
says, for gnutls_privkey_sign_hash() :-

"Note that, not all algorithm support signing already hashed data. When
signing with Ed25519, gnutls_privkey_sign_data() should be used."

Meantime there's a draft[1] for extending DKIM to use Ed25519 signatures
which wants to use signing of an already-computed hash, as opposed
to a hash-plus-signing operation.

[ Subissue: sha256 hash, specifically. The GnuTLS docs do not seem
to say _what_ hashes are acceptable for what signing algorithms; only
that there's a way to request a hash that is "preferred", and that
for some signings that hash might be mandatory].

The draft refers to RFC 8032, which defines both "Pure" and "Hash"
variants of signing (section 4).

Is there intent to support the Pure variant of Ed25519 signing in
future?

--
Thanks,
Jeremy

1: https://tools.ietf.org/html/draft-ietf-dcrup-dkim-crypto-06