Hi,
I'm currently researching about the usage of RSA-PSS, an improved
padding method for RSA signatures (specified in PKCS #1 2.1/RFC 3447).
I saw that domainkeys in RFC 4871 is hard-bound to the old PKCS #1 1.5
method. RFC 4871 was developed years after IETF approved PKCS #1 2.1 in
RFC 3447, so I wonder what was the reason for that decision?
Also, in the current draft of an RFC obsoleting 4871, still there is
only PKCS #1 1.5 padding allowed. Wouldn't it make sense to use that
update to provide a gradual transition?
Regards,
--
Hanno Böck mail/jabber: hanno(_at_)hboeck(_dot_)de
GPG: BBB51E42 http://www.hboeck.de/
signature.asc
Description: PGP signature
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html