On 13/08/15 06:21, Richard Barnes wrote: > I would note, though that in practice, e=65537 pretty much always, and > the attack would almost never produce that value. So this could still > be prevented by checks on account public keys.
I know you're not suggesting we do, but depending on special values or patterns for keys would be risky. I think it has often turned out that application developers are unaware of the details of what their crypto libraries do or do not support at that level. So it could be quite easy to recommend something that'd fall between the cracks. Cheers, S. _______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
