Re: x509

To: Niels Möller <nisse%lysator.liu.se@localhost>
Subject: Re: x509
From: Markus Friedl <markus%openbsd.org@localhost>
Date: Thu, 31 Jan 2002 12:11:23 +0100

On Thu, Jan 31, 2002 at 11:59:58AM +0100, Niels Mller wrote:
> A few comments on some of the issues here.
> 
> > > > i don't see why we cannot use the current "ssh-rsa" encoding:
> > > > transfer a x509 certificate in addition to "ssh-rsa" encoded
> > > > signature?
> 
> I think it makes sense to keep the ssh-dsa and ssh-rsa encodings for
> signatures. Certificate standards typically don't define formats for
> detached signatures. Whether or not a new name is attached to the data
> isn't terribly important, but I'd prefer *not* introducing new
> redundant names.

ok, then the transport draft must say:

signatures for hostkeys of type "ssh-rsa-x509v3" are
encoded as
	string	"ssh-rsa"
	string	rsa_signature_blob.

-m

Follow-Ups:
- Re: x509
  - From: Damien Miller

References:
- Re: x509
  - From: Damien Miller
- Re: x509
  - From: Niels Möller

Prev by Date: Re: x509
Next by Date: Re: x509
Previous by Thread: Re: x509
Next by Thread: Re: x509
Indexes:

Home | Main Index | Thread Index | Old Index