Today, the IETF uses OpenSSL to digitally sign Internet-Drafts. If you care about the details, please see RFC 5485.
We are looking to expand Internet-Draft signing, and start signing RFCs as well. Someone has suggested that we support RFC 5126, "CMS Advanced Electronic Signatures (CAdES)”. This would mean including some signed attributes that we do not currently use. A CAdES Basic Electronic Signature (CAdES-BES) must include these signed attributes: - Content-type — I know OpenSSL supports this one. - Message-digest — I know OpenSSL supports this one. - ESS signing-certificate-v2 — I cannot tell if this is supported. The ESS signing-certificate-v2 attribute is defined in RFC 5035. I am interested in using it with SHA-256. Is it supported? If not, what would need to happen to get it supported? Russ -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
