- From: Martin Boßlet <martin.bosslet@googlemail.com>
- Date: Thu, 20 Oct 2011 20:55:47 +0200
In "4.10.14 The keygen element":
>Generate an RSA key pair using the settings given by the user, if appropriate,
>using the md5WithRSAEncryption RSA signature algorithm (the signature
>algorithm with MD5 and the RSA encryption algorithm) referenced in section
>2.2.1 ("RSA Signature Algorithm") of RFC 3279, and defined in RFC 2313.
>[RFC3279] [RFC2313]
Wouldn't it be better to at least recommend sha1WithRSAEncryption or better
even, sha256WithRSAEncryption, given that MD5 is generally considered as
broken?
Best regards,
Martin Bo?let
Received on Thursday, 20 October 2011 11:55:47 UTC