new algorithms

Michael Richardson mcr at
Mon Apr 8 18:04:51 UTC 2019

    >> creation of x509 certificate with algo1 and algo2, and/or TLS and SSL
    >> connection always with algo1 and algo2

Tobias Nießen <tniessen at> wrote:
    > As far as I know, you will need to have an OID assigned for each
    > algorithm for x509 certificates. You can add those to OpenSSL manually,
    > but you won't be able to communicate with any other software that does
    > not implement them. (And as Rich said, there is little reason for
    > people to trust and use non-standard algorithms.)

But, if your goal is private testing of your stuff, then any OID will do,
including one you allocate with a Private Enterprise Number, which you can get from
IANA by filling out a simple form.
You'll likely have to add the OIDs to the object.txt and run some scripts.

]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        |    IoT architect   [
]     mcr at        |   ruby on rails    [

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 487 bytes
Desc: not available
URL: <>

More information about the openssl-users mailing list