[whatwg] Only allow md5WithRSAEncryption with <keygen keytype=rsa>?
Adam Roben
aroben at apple.com
Wed Oct 21 12:40:25 PDT 2009
HTML5 currently says that the signature algorithm used with <keygen
keytype=rsa> should be any of "those listed in section 2.2.1 ('RSA
Signature Algorithm') of RFC 3279."
However, both WebKit and Gecko only ever use the md5WithRSAEncryption
signature algorithm. And apparently WebKit ran into compatibility
issues with MIT's websites back in 2004 when it tried to use the id-
sha1 signature algorithm instead.
I'd recommend that HTML5 change to say that only the
md5WithRSAEncryption signature algorithm should be used for <keygen
keytype=rsa>.
-Adam
More information about the whatwg
mailing list