[whatwg] <keygen> element from Ian Hickson on 2012-01-27 (public-whatwg-archive@w3.org from January 2012)

From: Ian Hickson <ian@hixie.ch>
Date: Fri, 27 Jan 2012 19:03:42 +0000 (UTC)
Message-ID: <Pine.LNX.4.64.1201271903280.16982@ps20323.dreamhostps.com>

On Thu, 20 Oct 2011, Martin Bo?let wrote:
>
> In "4.10.14 The keygen element":
> 
> >Generate an RSA key pair using the settings given by the user, if appropriate,
> >using the md5WithRSAEncryption RSA signature algorithm (the signature
> >algorithm with MD5 and the RSA encryption algorithm) referenced in section
> >2.2.1 ("RSA Signature Algorithm") of RFC 3279, and defined in RFC 2313.
> >[RFC3279] [RFC2313]
> 
> Wouldn't it be better to at least recommend sha1WithRSAEncryption or 
> better even, sha256WithRSAEncryption, given that MD5 is generally 
> considered as broken?

Probably, but that's not what browsers do.

-- 
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'

Received on Friday, 27 January 2012 11:03:42 UTC