Michael Bell wrote: > Craig McGregor wrote: > >> I expected that when default_md = sha1 that both the thumbprint >> algorithm AND >> the SignatureAlgorithm with be SHA1. This was not the case.
I am quite sure that if you use the default_md set to sha1 the certificate
will use sha1RSA as signature algorithm according to openssl's code.
The use of md5 hashing was due to historical reasons and can be replaced
by sha1.
> I will check it again.
[...]
> I think Massimiliano use an old OpenCA which use MD5 by default for the
> usercertificates too.
Yes, my actual certificate has been issued using a 0.8 OpenCA's version
and it uses md5.
--
C'you,
Massimiliano Pala
--o-------------------------------------------------------------------------
Massimiliano Pala [OpenCA Project Manager] [EMAIL PROTECTED]
[EMAIL PROTECTED]
http://www.openca.org Tel.: +39 (0)59 270 094
http://openca.sourceforge.net Mobile: +39 (0)347 7222 365
smime.p7s
Description: S/MIME Cryptographic Signature
