Valery Smyslov writes: > > RSASSA-PSS is MUST when implementing Digital Signature. > > All these thing are not clear from the current text of the draft. > I was also confused as well as Yaron.
Why the following text is not clear enough: With the use of Digital Signature, RSASSA-PKCS1-v1.5 MAY be implemented. RSASSA-PSS MUST be implemented. I think it very clearly says that RSASSA-PSS MUST be implemented when Digital Signature authentication method is implemented. > As I've said in previous message, I'm not a fan of idea to tie > support for RSASSA-PSS with support for Digital Signature auth. > Nevertheless if this link is imposed by the draft, it must be > spelled out more clearly. And you think the paragraph above is not clear enough? If not then provide text that will say it even more clearly. -- [email protected] _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
