--
Victor Duchovni wrote:
> If so, I fear we are learning the wrong lesson, which
> while valid in other contexts is not pertinent here.
> TLS must be flexible enough to accommodate new
> algorithms, this means that the data structures being
> exchanged are malleable, and that implementations must
> validate strict adherence to a specifically defined
> form for the agreed algorithm, but the ability to
> express other forms cannot be designed out.
There is no need, ever, for the RSA signature to encrypt anything other than a hash, nor will there ever be such a need. In this case the use of ASN.1 serves absolutely no purpose whatsoever, other than to create complexity, bugs, and opportunities for attack. It is sheer pointless stupidity, complexity for the sake of complexity, an indication that the standards process is broken.

--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
mKNEZf/r5lZqyGpNhzkQ0zdt2uAdaxkSyyyxAW3W
4BWO8prrBiE/VfMik8xpeS4TgD+5KsqGSGeRw2Dxr