Ari,
This is not exactly what I read in the Future Plans from the NIST cryptographic toolkit web page about Digital Signatures at (http://csrc.nist.gov/encryption/tkdigsigs.html):
"NIST also intends to adopt PKCS #1 as an approved technique for RSA digital signatures. (Currently, this is only allowed under the transition period for FIPS 186-2, which is scheduled to end July 27, 2001.)"
Note also that NIST has currently no FIPS-approved public key-based techniques as per the NIST cryptographic toolkit web page about Key Management (http://csrc.nist.gov/encryption/tkkeymgmt.html).
Cheers,
Francois
-----Original Message-----
From: Ari Huttunen [mailto:Ari.Huttunen@F-Secure.com]
Sent: Thursday, March 15, 2001 11:33
To: ipsec@lists.tislabs.com
Subject: PKCS#1 in IKE vs. FIPS certification
I just learned that FIPS will no longer approve the PKCS#1 standard,
starting in June. Instead they will endorse some ANSI standard.
The IKE RFC demands that PKCS#1 be used for RSA encryption and RSA signatures.
So, will this mean that starting in June it will not be possible to
create IKE/IPsec products for the US federal market, and use RSA signatures
or RSA encryption? Or does it mean something else?
Ari
--
Ari Huttunen phone: +358 9 2520 0700
Software Architect fax : +358 9 2520 5001
F-Secure Corporation http://www.F-Secure.com
F-Secure products: Integrated Solutions for Enterprise Security