Opened 15 years ago

Closed 15 years ago

#1 closed editorial (fixed)

Old PKCS#1 terminology

Reported by: pasi.eronen@… Owned by:
Priority: minor Milestone: milestone1
Component: draft-ietf-tls-rfc4346-bis Version: 02
Severity: Keywords:


I promised to send you text proposal for adopting PKCS#1 v2.1 terminology (which IMHO is a big improvement over older versions) in TLS 1.2.

Section 4.7 OLD:

In RSA signing, the output of the chosen hash function is encoded as a PKCS #1 DigestInfo and then signed using block type 01 as described in Section 8.1 as described in [PKCS1A].

Note: the standard reference for PKCS#1 is now RFC 3447 [PKCS1B]. However, to minimize differences with TLS 1.0 text, we are using the terminology of RFC 2313 [PKCS1A].


In RSA signing, the opaque vector contains the signature generated using the RSASSA-PKCS1-v1_5 signature scheme defined in [PKCS1B]. Note that earlier versions of TLS used a different RSA signature scheme.

Section 4.7 OLD:

An RSA encrypted value is encoded with PKCS #1 block type 2 as described in [PKCS1A].


RSA encryption is done using the RSAES-PKCS1-v1_5 encryption scheme defined in [PKCS1B].

Section 8.1.1 Remove following text (it's redundant):

RSA digital signatures are performed using PKCS #1 [PKCS1] block type 1. RSA public key encryption is performed using PKCS #1 block type 2.

Normative references: remove [PKCS1A], and change the label of [PKCS1B] to just [PKCS1].

Change History (4)

comment:1 Changed 15 years ago by pasi.eronen@…

The text should also mention something (to-be-determined what) about DigestInfo parameters field.

comment:2 Changed 15 years ago by pasi.eronen@…

Will open a separate ticket for DigestInfo? parameters.

comment:3 Changed 15 years ago by pasi.eronen@…

  • Milestone set to milestone1

comment:4 Changed 15 years ago by ekr@…

  • Resolution set to fixed
  • Status changed from new to closed
Note: See TracTickets for help on using tickets.