We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
RSA-PSS (http://tools.ietf.org/html/rfc3447) is designed to protect against a number of risks that come with simplistic hash-the-zeropad-then-sign.
We should research whether one/some of these threats are relevant to OC. If not, we can allow the simple hash+RSA for OC.
The text was updated successfully, but these errors were encountered:
do we use sha256(bencode(payload/mint_key/...)) in the meantime, until reasearch is done?
Sorry, something went wrong.
Yes. I suggest we call the crypto suite "RSA-0PAD-SHA265-CHAUM86". This might be a good test of how easy we can change the crypto suite :-)
nilstoedtmann
No branches or pull requests
RSA-PSS (http://tools.ietf.org/html/rfc3447) is designed to protect against a number of risks that come with simplistic hash-the-zeropad-then-sign.
We should research whether one/some of these threats are relevant to OC. If not, we can allow the simple hash+RSA for OC.
The text was updated successfully, but these errors were encountered: