Jeff writes:
I think the sentiment was that "RSA" was the obvious right
choice for the OID and that it was only some sense of accommodation
for existing implementations that prompted inclusion of
"RSAEncryption" as an acceptable alternative on incoming certificates.
Perhaps I misunderstood the sentiment of the WG. Would anyone else
who attended care to comment?
Hmmm. I got this one backwards! I thought we had agreed that the
RSAEncryption OID (the one from PKCS) was the preferred one to send but
that the "RSA" OID (Annex G.) would be acceptable on incoming
certificates.
If I correctly remember what I proposed at the meeting in the hopes of
achieving an agreement with which all could live, it was that we'd
recommend generating "RSA" but accept incoming "RSAEncryption" or "RSA"
as equivalent. If PEM interoperability and deployment would be best
served by permitting alternative generation of either "RSAEncryption" or
"RSA" in certificates that are to be used for PEM, as intervening
discussion has suggested, that would be OK by me. The main issue I see
with recommending "RSAEncryption" in preference to "RSA" is that other,
non-PEM systems (e.g., perhaps, Peter Kirstein's directory project as
cited at the meeting) are less likely to be able to deal with such
PEM-generated certificates than they would be to accommodate certificates
using the X.509 OID.
--jl