On Thu, Apr 2, 2015 at 4:39 PM, John Bradley <[email protected]> wrote:
> A given issuer may be allowed to sign using both ECDSA and RSA PKCS 1.5 > and that would not be a problem until one of them is deprecated. > Having libraries assume that there can only be one alg per issuer would > not lead to useful crypto agility in my experience. > Note that I'm proposing one alg per key ID, not one alg per issuer (sorry in advance if I misunderstood what you meant here). Tim
_______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
