On 10/25/2013 10:43 AM, Tobias Gruetzmacher wrote: > while working with a self-signed certificate I got from a client, I > noticed, certtool will spit out: > > Signature Algorithm: unknown > warning: signed using a broken signature algorithm that can be forged. > > while OpenSSL detects this correctly as: > > Signature Algorithm: sha1WithRSA
that's odd. SHA1 with RSA would normally be: 1.2.840.113549.1.1.5 > When I activate debugging I get this additional message: > > |<2>| Unknown SIGN OID: '1.3.14.3.2.29' how was this generated? https://bugzilla.mozilla.org/show_bug.cgi?id=405966#c1 snd follow-on remarks suggest that this is a duplicate of the PKCS#1 OID definitions. I think that libNSS interprets this as a synonym. maybe gnutls should do the same? --dkg
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
