Amend supported groups and signatures based on spec 9.1 section
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
diff --git a/docs/architecture/tls13-experimental.md b/docs/architecture/tls13-experimental.md
index dce999f..ed2b38f 100644
--- a/docs/architecture/tls13-experimental.md
+++ b/docs/architecture/tls13-experimental.md
@@ -126,13 +126,22 @@
re-initiate a server handshake.
- Supported groups: depends on the library configuration.
- Potentially all ECDHE groups:
- secp256r1, secp384r1, secp521r1(0x0019), x25519, x448.
+ Minimally (as defined in section 9.1 of the TLS 1.3 specification):
+ secp256r1 and x25519.
-- Supported signature algorithms: depends on the library configuration.
- Potentially:
- ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512,
- rsa_pss_rsae_sha256.
+ Furthermore, depending on the library configuration, potentially:
+ secp384r1 and secp521r1.
+
+ Finite field groups (DHE) are not supported.
+
+- Supported signature algorithms(both for certificates and CertificateVerify):
+ Minimally (as defined in section 9.1 of the TLS 1.3 specification):
+ rsa_pkcs1_sha256, rsa_pss_rsae_sha256 and ecdsa_secp256r1_sha256
+
+ Furthermore, depending on the library configuration, potentially:
+ ecdsa_secp384r1_sha384 and ecdsa_secp521r1_sha512
+
+- Supported versions: only TLS 1.3, version negotiation is not supported.
- Support of Mbed TLS SSL/TLS related (not DTLS) features:
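Review bot: the new "Supported signature algorithms(both for certificates and CertificateVerify)" heading applies that qualifier to every entry under it, including rsa_pkcs1_sha256. Section 9.1 of the TLS 1.3 specification requires rsa_pkcs1_sha256 for certificates only, and section 4.2.3 does not define the RSASSA-PKCS1-v1_5 schemes for signed handshake messages. As written, the list can be read as saying CertificateVerify signatures with rsa_pkcs1_sha256 are accepted. Suggest annotating each algorithm with its scope, for example "rsa_pkcs1_sha256 (certificates only), rsa_pss_rsae_sha256 and ecdsa_secp256r1_sha256 (certificates and CertificateVerify)". Two smaller points in the same hunk: x448 was in the removed group list but appears in neither the minimal nor the configuration-dependent list, so please state whether it is no longer supported or was dropped from the text by accident; and the heading is missing a space before the opening parenthesis in "algorithms(both".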