Also, "RSA" isn't a single function because of the padding issue. You need to specify PKCS#1 something or other. There's a normative ref to RFC 3447 but nothing in the text.
By the way, dk-milter invokes OpenSSL with RSA_PKCS1_PADDING (whatever that is). If a different algorithm is used, it shouldn't be called "rsa-sha1", I guess. (The description in the draft looks very much like unpadded hashed RSA signatures, which have already been broken for this sort of application.)
<Prev in Thread] | Current Thread | [Next in Thread> |
---|---|---|
|
Previous by Date: | Re: DKIM: key identification and shared keys, Michael Thomas |
---|---|
Next by Date: | jabber address for bof, Dave Crocker |
Previous by Thread: | Re: Comments on draft-allman-dkim-base-00.txt, Jon Callas |
Next by Thread: | Re: Comments on draft-allman-dkim-base-00.txt, Michael Thomas |
Indexes: | [Date] [Thread] [Top] [All Lists] |