If RSASSA-PSSv2 is done because RSASSA-PSS is found broken, then we just mark RSASSA-PSS as MUST NOT, and move to the new version.
And this will cause interoperability problems since there is no way for the peers to indicate each other that they support particular signature encoding.
"MUST NOT" in RFC is insufficient: in real life you cannot update all implementations overnight. Well, this is just a grunt... _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
