On Thu, Jun 25, 2009 at 03:10:53PM -0000, Thierry Carrez wrote:
> We could use openssl in jks-keystore.hook to decode proposed .pem
> contents and specifically exclude the one(s) with:
>
> Signature Algorithm: 1.2.840.10045.4.3.3
>
> (which maps to SHA384withECDSA according to http://javadoc.iaik.tugraz.at/cms_smime/current/iaik/cms/CMSAlgorithmID.html)
> I'm just unsure that would be the only one we would want to exclude...
On Thu, Jun 25, 2009 at 03:10:53PM -0000, Thierry Carrez wrote: javadoc. iaik.tugraz. at/cms_ smime/current/ iaik/cms/ CMSAlgorithmID. html)
> We could use openssl in jks-keystore.hook to decode proposed .pem
> contents and specifically exclude the one(s) with:
>
> Signature Algorithm: 1.2.840.10045.4.3.3
>
> (which maps to SHA384withECDSA according to http://
> I'm just unsure that would be the only one we would want to exclude...
Currently, yes. AFAICS.
Kind regards,
Philipp Kern