You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In the C2PA Specifications version 2.1, there seems to be a discrepancy regarding the allowed signature algorithms:
In section 13.2.1., the listed signature algorithms include only RSASSA-PSS for RSA-based signatures.
However, in section 14.5.1.1., the examples refer to sha256WithRSAEncryption and similar signatures, which are defined in RFC 8017, Appendix A.2.4 describing RSASSA-PKCS-v1_5.
This raises the question:
Is RSASSA-PKCS-v1_5 also allowed alongside RSASSA-PSS, or should it be considered deprecated/unsupported?
Could you please clarify the intended scope of allowed RSA signature algorithms in the specifications?
Thank you!
The text was updated successfully, but these errors were encountered:
In the C2PA Specifications version 2.1, there seems to be a discrepancy regarding the allowed signature algorithms:
In section 13.2.1., the listed signature algorithms include only RSASSA-PSS for RSA-based signatures.
However, in section 14.5.1.1., the examples refer to
sha256WithRSAEncryptionand similar signatures, which are defined in RFC 8017, Appendix A.2.4 describing RSASSA-PKCS-v1_5.This raises the question:
Is RSASSA-PKCS-v1_5 also allowed alongside RSASSA-PSS, or should it be considered deprecated/unsupported?
Could you please clarify the intended scope of allowed RSA signature algorithms in the specifications?
Thank you!
The text was updated successfully, but these errors were encountered: