On Wed, May 01, 2019 at 05:14:16PM +0000, Peter Gutmann wrote: > RFC Errata System <[email protected]> writes: > > >Section 7.2 of RFC 8017 describes the RSAES-PKCS1-v1_5 encryption scheme. > >Section 8.2 of RFC 8017 describes the RSASSA-PKCS1-v1_5 signature scheme. The > >original text contradicts the natural expectation and is probably wrong. > > The original text is correct, TLS 1.2 (and earlier) use PKCS #1 v1.5. Stating > that RSA-PSS should be used is wrong.
Section 7.2 is an encryption scheme, not a signature scheme; this is just a typo. (And RSASSA-PKCS1-v1_5 is, well, PKCS #1 v1.5, not RSASSA-PSS.) -Ben _______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
