* Rich Salz <[EMAIL PROTECTED]> [031210 12:16] wrote: > >Now I'm wondering if I'm going about things correctly, > >should I be using DSA to sign things? DSA seems to only > >support signing something of up to 20 bytes. > > Right. You do DSA(SHA-1(data)) > > Don't use MD5; there are security concerns. DSA is much less common > than RSA.
So, then use SHA-1 instead? What do you mean by DSA being less common than RSA? > >Anything else I should be looking for/at? > > Given the cryptographic naivete of your questions, you are better of > using standard mechanisms like PKCS#7; see apps/pkcs7.c, e.g. > /r$ What advanteges does that offer me? Lastly, thanks for tolerating my newbieness, it's much appreciated. :) -- - Alfred Perlstein - Research Engineering Development Inc. - email: [EMAIL PROTECTED] cell: 408-480-4684 ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
