Hi all,
Is this the right place to ask a question about the Cryptographic
Message Syntax signed object spec (RFC5652 Section 5)? (I'm interested
in understanding the RFC author's intentions, not what implementations
currently do.)
I am reviewing draft-ietf-sidr-rfc6485bis for the sidr working group and
am confused about SignerInfo algorithm selection, specifically the
relationship between the digestAlgorithm and signatureAlgorithm fields.
RFC3370 defines the digest algorithm OIDs sha-1 and md5. It also
defines the signature algorithm OIDs rsaEncryption,
sha1WithRSAEncryption, and md5WithRSAEncryption. This leads me to wonder:
* Suppose digestAlgorithm contains sha-1. Is there any functional
difference between choosing rsaEncryption vs. sha1WithRSAEncryption
for the signatureAlgorithm field?
* What happens if I put sha-1 in digestAlgorithm but choose
md5WithRSAEncryption for signatureAlgorithm?
* In general, what is the relationship between the digest algorithm
associated with the chosen signatureAlgorithm and the chosen
digestAlgorithm?
Thanks,
Richard
_______________________________________________
smime mailing list
smime(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/smime