Re: [openssl-dev] Signing Internet-Drafts and RFCs

On May 12, 2016, at 10:52 AM, Salz, Rich wrote: > >> (2) We need to validate signatures on I-Ds and RFCs with the standard >> release. I’m okay with needing 1.1 or later, but I’m not okay with users >> having to fetch a special version. > > It would show up a release after

Re: [openssl-dev] Signing Internet-Drafts and RFCs

Three points: (1) There may be people willing to work on code at the hackathon. I have not looked around too much, but I could do that depending on the response to the second point. (2) We need to validate signatures on I-Ds and RFCs with the standard release. I’m okay with needing 1.1 or

[openssl-dev] Signing Internet-Drafts and RFCs

Today, the IETF uses OpenSSL to digitally sign Internet-Drafts. If you care about the details, please see RFC 5485. We are looking to expand Internet-Draft signing, and start signing RFCs as well. Someone has suggested that we support RFC 5126, "CMS Advanced Electronic Signatures (CAdES)”.