The OpenSSL library gives you access to the public key of an RSA pair
in several formats (PKCS#1, X509 and I think XML <RSAKeyValue>) and
the Perl wrapper, Crypt::OpenSSL::RSA, provides access to two of those
via functions:

  get_public_key_string: Return the Base64/DER-encoded PKCS1
  representation of the public key.

  get_public_key_x509_string: Return the Base64/DER-encoded
  representation of the "subject public key", suitable for use in X509
  certificates.

It's not entirely clear to me from RFC4871 which of those is the
correct one to use - as it just points at RFC3447, which is not the
clearest of documents, and doesn't seem to say anything relevant. If I
had to guess, I'd say the former, as that's the form that's described
as a PKCS#1 format.

The implementations I've seen, and the ("INFORMATIVE") examples in
RFC4871 seem to use the latter.

I don't see how the normative section of 4871 suggests that the X509
format is the right one to use. Can anyone point me at the line of
reasoning there?

Cheers,
Steve
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
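
Added example, not part of the original message and not code from OpenSSL or Crypt::OpenSSL::RSA: the two encodings the message compares can be told apart by their outer DER structure, which is a quick way to check what a given Base64 key string actually contains. The helper names (tlv, der_int, read_tlv, kind, classify) and the sample key are constructed for illustration.

```python
import base64

RSA_OID = bytes.fromhex("2a864886f70d010101")  # rsaEncryption, 1.2.840.113549.1.1.1

def tlv(tag, value):  # DER encoder, used only to build the constructed samples
    n = len(value)
    size = (n.bit_length() + 7) // 8
    head = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + head + value

def der_int(v):  # the extra leading byte keeps the INTEGER positive
    return tlv(0x02, v.to_bytes(v.bit_length() // 8 + 1, "big"))

def read_tlv(buf, pos=0):  # returns (tag, value, next_pos) for the element at pos
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, buf[pos:pos + length], pos + length

def kind(der):
    """'pkcs1', 'x509' or 'unknown' for DER bytes; raises on malformed DER."""
    tag, body, end = read_tlv(der)
    t1, v1, pos = read_tlv(body)
    t2, v2, end2 = read_tlv(body, pos)
    if tag != 0x30 or end != len(der) or end2 != len(body):
        return "unknown"
    if t1 == 0x02 and t2 == 0x02:
        return "pkcs1"  # RSAPublicKey ::= SEQUENCE { modulus, publicExponent }
    if t1 == 0x30 and t2 == 0x03 and v2[:1] == b"\x00":
        # SubjectPublicKeyInfo ::= SEQUENCE { AlgorithmIdentifier, BIT STRING }
        oid_tag, oid, _ = read_tlv(v1)
        if oid_tag == 0x06 and oid == RSA_OID and kind(v2[1:]) == "pkcs1":
            return "x509"
    return "unknown"

def classify(b64_key):
    """Classify a Base64/DER RSA public key; malformed input is 'unknown'."""
    try:
        return kind(base64.b64decode(b64_key))
    except (IndexError, ValueError):
        return "unknown"

# Constructed samples: an arbitrary odd 1024-bit number, not a usable RSA modulus.
PKCS1 = tlv(0x30, der_int((1 << 1023) + 12345) + der_int(65537))
ALG_ID = tlv(0x30, tlv(0x06, RSA_OID) + tlv(0x05, b""))
X509 = tlv(0x30, ALG_ID + tlv(0x03, b"\x00" + PKCS1))
print(classify(base64.b64encode(PKCS1)), classify(base64.b64encode(X509)))
```

The X509 form is the PKCS#1 structure wrapped in a BIT STRING behind an algorithm identifier, so for a 1024-bit key the two strings differ by a fixed 22-byte DER prefix.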