[cabfpub] Fwd: Re: Proposal to add DSA 2048

Erwann Abalea erwann.abalea at keynectis.com
Mon Mar 11 10:32:59 UTC 2013

A good mention from Tom Ritter.
The same problem exists with ECDSA keys (page 13 of the mentionned RFC).


-------- Message original --------
Sujet: 	Re: [cabfpub] Proposal to add DSA 2048
Date : 	Fri, 8 Mar 2013 17:47:41 -0500
De : 	Tom Ritter <tom at ritter.vg>
Pour : 	Ryan Hurst <ryan.hurst at globalsign.com>
Copie à : 	Erwann ABALEA <erwann.abalea at keynectis.com>

It may be worth mentioning one other thing beyond Erwann's summary about 
DSA keys that is unlike RSA: that only part of the public key may be 
specified in the certificate, and it is expected to inherit the missing 
parameters from the parent certificate (or fail).  This is an odd sharp 
edge that came up in Public Key Pinning - and I'm sure it will cause 
some applications somewhere to crash ;)



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20130311/7fe83f71/attachment-0002.html>

More information about the Public mailing list