[whatwg] <keygen> element
Ian Hickson
ian at hixie.ch
Fri Jan 27 11:03:42 PST 2012
On Thu, 20 Oct 2011, Martin Boßlet wrote:
>
> In "4.10.14 The keygen element":
>
> >Generate an RSA key pair using the settings given by the user, if appropriate,
> >using the md5WithRSAEncryption RSA signature algorithm (the signature
> >algorithm with MD5 and the RSA encryption algorithm) referenced in section
> >2.2.1 ("RSA Signature Algorithm") of RFC 3279, and defined in RFC 2313.
> >[RFC3279] [RFC2313]
>
> Wouldn't it be better to at least recommend sha1WithRSAEncryption or
> better even, sha256WithRSAEncryption, given that MD5 is generally
> considered as broken?
Probably, but that's not what browsers do.
--
Ian Hickson U+1047E )\._.,--....,'``. fL
http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,.
Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
More information about the whatwg
mailing list