> [aleksander.adamow...@olo.org.pl - Thu Jul 23 14:45:58 2009]: > > When reading the manual page of the RSA utility ("man rsa"), one > cannot easily determine whether the output will be in PKCS#1 or PKCS#8 > format and whether that format depends on other options. The only > thing that is specified is the DER/PEM encoding of the output, which > is not a format per se. > > It should be stated clearly, whether the output is in PKCS#1 or PKCS#8 > format > > On a similar note, the man page for the pkcs8 utility states that > depending on option values, the input and output formats may be PKCS#8 > or in the traditional format - this should be clarified, what > "traditional" format is - is it PKCS#1? >
I agree this could be made a little clearer. The "traditional" format is mentioned in a few places and is the old SSLeay format, see for example the -inform option of the rsa utility. In OpenSSL before 1.0 the output format is that "traditional" form for private keys and SubjectPublicKeyInfo for public keys. In 1.0 and later private keys are encrypted using the more standard PKCS#8 format. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org