Tero, you haven't responded to my objection yet. Please let me know if you think that I am mistaken; otherwise the example should be corrected.
Johannes Johannes Merkle wrote on 25.07.2014 11:39: > Tero, > > thanks for updating the document. However, I'm not sure the first issue is > solved. > > Tero Kivinen wrote on 20.07.2014 21:02: >> Changed to: >> >> With RSASSA-PSS, the algorithm object identifier must always >> be id-RSASSA-PSS, and the hash function and padding parameters >> are conveyed in the parameters (which are not optional in this >> case). See <xref target="RFC4055"/> for more information. >> >> In the RSASSA-PSS the parameters are required, but they can be empty, >> so they are not optional in this case. >> > > Really? Section 3.1 of RFC 4055 states > When RSASSA-PSS is used in an AlgorithmIdentifier, the parameters > MUST employ the RSASSA-PSS-params syntax. The parameters may be > either absent or present when used as subject public key information. > > My understanding of this is that the parameters can indeed be absent not just > empty. > > IMHO the semantic is different: If the parameters are empty (empty sequence > in RSASSA-PSS-param), the default values > apply, and according to Section 3.3, case 3, of RFC 4055, the parameters in a > signature MUST be validated against the > (default) parameters specified in SPKI. However, if the parameters are > absent, then, according to Section 3.3, case 2, > of RFC 4055, no parameter validation is needed in a signature validation, > i.e. a signature may use any parameters. > > Maybe, I misinterpret the spec here? > > > > _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
