- From: timeless <timeless@gmail.com>
- Date: Fri, 21 Oct 2011 10:22:07 -0400
>From memory the goal of specing the tag is to define how it's
implemented in the while so that new UAs can read the spec and
implement something compatible with existing UAs, content and servers.
Suggesting anything that isn't what existing UAs does runs counter to
this goal.
On 10/20/11, Martin Bo?let <martin.bosslet at googlemail.com> wrote:
> In "4.10.14 The keygen element":
>
>>Generate an RSA key pair using the settings given by the user, if
>> appropriate,
>>using the md5WithRSAEncryption RSA signature algorithm (the signature
>>algorithm with MD5 and the RSA encryption algorithm) referenced in section
>>2.2.1 ("RSA Signature Algorithm") of RFC 3279, and defined in RFC 2313.
>>[RFC3279] [RFC2313]
>
> Wouldn't it be better to at least recommend sha1WithRSAEncryption or better
> even, sha256WithRSAEncryption, given that MD5 is generally considered as
> broken?
>
> Best regards,
> Martin Bo?let
>
--
Sent from my mobile device
Received on Friday, 21 October 2011 07:22:07 UTC