Tolga Acar wrote:
> Well, that is sort of my point.
> SHA1 is not a signature algorithm, sha1-with-rsa is, and that RSA is not
> a certified algorithm in OpenSSL's FIPS 140 certification, 
> sha1-with-rsa isn't, either.
> Perhaps, my understanding of the OpenSSL FIPS 140 certification is not
> entirely accurate.

My fault. RSA is not validated (there are no validation tests for it),
but it will be in the code we are submitting for certification.




"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to