Tero Kivinen wrote on 07.10.2014 16:24: > I.e you can clearly see that in the public key object for PSS > signatures the RSASSA-PSS-params are optional, but for the signature > algorithm definition for PSS signatures the RSASSA-PSS-params are > required. The actual content of the sequence can be empty, but the > sequence MUST be there.
I agree with that. > > So the current text saying that the params are not optional in this > case is correct. The A.4.1 has example of empty parameters, where > there is the id-RSASSA-PSS object identifier and empty sequence after > that. Note, that the hex for that matches the hex in RFC3447... I was mistaken in thinking that the SubjectPublicKey Identifier is used, but, of course, it is the signatureAlgoithm Identifier. So I was completely wrong here. Issue closed. -- Johannes _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
