PEM WG Meeting Minutes
The
expectation is that the changes to RFC 1115 are very minor and also
can be effected by the end of July.
Indeed, I can and will complete the minor changes to RFC1115bis and
have it ready for advancement at the end of July.
- Any certificate emitted by a PEM implementation, shall use
the object identifier for RSA (see Annex G of X.509) to identify an
RSA public key carried in the SubjectPublicKeyInfo field. However,
PEM implementation shall accept both this object identifier and the
"RSAEncryption" object identifier (from PKCS), in this field in
"received" certificates, e.g., certificates in incoming PEM messages.
Based on this and the subsequent PEM-DEV discussion, I will modify
RFC1115bis to indicate that PEM implementation may emit a certificate
with either the "rsa" or rsaEncryption" OID's in the SPKI field, with a
preference for the former, and that a PEM implementation must accept
both OIDs.
-DB