//datatracker.ietf.org/doc/html/rfc8399>
> do not affect RCF 5280 in this matter.
>
> The main question remains: How to handle this issue?
>
> Thanks In Advance
> --
> Christian Weber
> Am 28.01.2022 um 13:58 schrieb Russ Housley:
>> RFC 3161 says:
>>
>>
RFC 3161 says:
2.3. Identification of the TSA
The TSA MUST sign each time-stamp message with a key reserved
specifically for that purpose. A TSA MAY have distinct private keys,
e.g., to accommodate different policies, different algorithms,
different private key sizes or to increase t
th help of openssl. If the case is that
> that data is wrongly,
> is there a way to get decode with openssl anyway?
>
> Max
>
> From: Russ Housley mailto:hous...@vigilsec.com>>
> Date: Thursday, 4. November 2021 at 15:08
> To: Max Larsson <mailto:max.lars...@
RFC 2743 shows this structure:
MechType ::= OBJECT IDENTIFIER
-- data structure definitions
-- callers must be able to distinguish among
-- InitialContextToken, SubsequentContextToken,
-- PerMsgToken, and SealedMessage data elements
-- based on the usage in which
RFC 4055 says:
The object identifier used to identify the PKCS #1 version 1.5
signature algorithm with SHA-224 is:
sha224WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 14 }
The object identifier used to identify the PKCS #1 version 1.5
signature algorithm with SHA-256 is:
Uri:
>
> Unfortunately, there's no ASN.1 -> CBOR codec generator, AFAIK, which is why
> I'm asking here.
Nope, and if there were, it would not generate the same result as the
compressions routines that Ben referenced.
Russ
I am looking a test certificate that contains an RSA-OAEP subject public key
(OID = id-RSAES-OAEP from RFC 4055) and is signed with RSA-PSS (OID =
id-RSASSA-PSS also from RFC 4055). I have not ben able to find a way to
generate such a certificate with OpenSSL. If you have a pointer to such a
