> Routinator > does indeed require that. It doesn’t insist on the presence of the NULL, > though, and allows absent parameters.
Lol. So you struggled with absent vs NULL parameters too? I wondered whether I should have included that too in this query. On Thu, May 23, 2019 at 1:16 PM Alberto Leiva <ydah...@gmail.com> wrote: > > I see. Is this erratum-worthy? > > On Thu, May 23, 2019 at 11:23 AM Russ Housley <hous...@vigilsec.com> wrote: > > > > > > > > > On May 22, 2019, at 6:18 PM, Alberto Leiva <ydah...@gmail.com> wrote: > > > > > > Hello > > > > > > Another question. > > > > > > RFC 7935 states the following: > > > > > > 3.1. Public Key Format > > > > > > (...) > > > > > > algorithm (which is an AlgorithmIdentifier type): > > > The object identifier for RSA PKCS #1 v1.5 with SHA-256 MUST be > > > used in the algorithm field, as specified in Section 5 of > > > [RFC4055]. The value for the associated parameters from that > > > clause MUST also be used for the parameters field. > > > > > > I've never seen a certificate that declares sha256WithRSAEncryption ({ > > > pkcs-1 11 }) as its public key algorithm. Every certificate I've come > > > across labels its algorithm as rsaEncryption ({ pkcs-1 1 }). > > > > > > (Certificates always define the signature algorithm as > > > sha256WithRSAEncryption, but that's a different field.) > > > > > > Is everyone doing it wrong, or am I missing something? > > > > > > I'm aware that this is likely a triviality--rsaEncryption and > > > sha256WithRSAEncryption probably mean the same in this context. > > > There's also a thread in this list in which people seem to have > > > experienced headaches over this topic. But the thread is talking about > > > CMS signed objects (which I believe is different from certificates), > > > and happened before 7935 was released, so it feels like the RFC should > > > mandate something consistent with reality by now. > > > > > > Thanks for any pointers. > > > > You are right. > > > > In the subjectPublicKeyInfo, the algorithm identifier should be > > rsaEncryption, which is { 1, 2, 840, 113549, 1, 1, 1 }. This allow the > > public key to be used with PKCS#1 v1.5, RSASSA-PSS, and RSAES-OAEP. > > > > In the signature, the algorithm identifier should be > > sha256WithRSAEncryption, which is { 1, 2, 840, 113549, 1, 1, 11 }. This > > identifies PKCS#1 v1.5 with SHA-256 as the hash algorithm. > > > > Russ > > > > _______________________________________________ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr