[whatwg] <keygen> element

Martin Boßlet martin.bosslet at googlemail.com
Thu Oct 20 11:55:47 PDT 2011


In "4.10.14 The keygen element":

>Generate an RSA key pair using the settings given by the user, if appropriate,
>using the md5WithRSAEncryption RSA signature algorithm (the signature
>algorithm with MD5 and the RSA encryption algorithm) referenced in section
>2.2.1 ("RSA Signature Algorithm") of RFC 3279, and defined in RFC 2313.
>[RFC3279] [RFC2313]

Wouldn't it be better to at least recommend sha1WithRSAEncryption or better
even, sha256WithRSAEncryption, given that MD5 is generally considered as
broken?

Best regards,
Martin Boßlet


More information about the whatwg mailing list