On 2015-07-15 19:44, Richard Hansen wrote: > Before this OID issue was raised, RPSTIR only accepted CMS signed > objects that used sha256WithRSAEncryption. CMS signed objects that used > rsaEncryption were rejected due to non-conformance with RFC6485.
Apologies; this is incorrect. Up to and including v0.3 (released 2012-03-05), RPSTIR only accepted rsaEncryption. From v0.4 (released 2012-06-08) to v0.9 (released 2013-10-13) inclusive, RPSTIR accepted both but warned on rsaEncryption. Starting in v0.10 (released 2014-02-25), RPSTIR quietly accepts both. We added rigorous test cases in v0.4. The thread that brought this OID issue to SIDR's attention [1] was started shortly after RPSTIR v0.4 was released. [1] http://thread.gmane.org/gmane.ietf.sidr/4706 -Richard
signature.asc
Description: OpenPGP digital signature
_______________________________________________ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr