[Cryptography] World's oldest security RFC published
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Wed Sep 23 04:40:43 EDT 2020
Alexander Klink <alexander at klink.name> writes:
>Huh, good point, I hadn't actually looked at what changed :). I was involved
>in the OpenXPKI SSCEP server (which used OpenSCEP at the time), but that was
>probably all based on the original standard ...
In any case though the minimal changes to get an old version up to speed
should be fairly minor, just replacing all the museum-grade algorithms with
current ones, implementing POST rather than GET, and checking that various
things that were ambiguous or even wrong in the original draft but that people
usually implemented correctly anyway really are done correctly. That's not
the full RFC, but enough to meet the minimum mandatory-to-implement
requirements.
Peter.
More information about the cryptography
mailing list