On Thu, 17 Apr 2014 19:54:27 +0800 (CST) shixin <shixin...@163.com> wrote:
> I implement X.509 certificates with RSASSA-PSS signatures by openssl > function, is it possible? It is possible, however most browsers won't like it. (my code for nss is unfortunately bitrotting in bugzilla) But we have two things here: a) you can create RSASSA-PSS signatures with normal RSA key type. Openssl supports that. b) You can have specific RSASSA-PSS-only-keys that are not allowed to do anything else. No support in OpenSSL as far as I know. -- Hanno Böck http://hboeck.de/ mail/jabber: ha...@hboeck.de GPG: BBB51E42
signature.asc
Description: PGP signature
