Connected: An Internet Encyclopedia
4.3.1 md2WithRSAEncryption

Up: Connected: An Internet Encyclopedia
Up: Requests For Comments
Up: RFC 1423
Up: 4. Asymmetric Key Management Algorithms
Up: 4.3 Asymmetric Signature Algorithms
Prev: 4.3 Asymmetric Signature Algorithms
Next: 5. Descriptive Grammar

4.3.1 md2WithRSAEncryption

4.3.1 md2WithRSAEncryption

The md2WithRSAEncryption signature algorithm is used to sign certificates and CRLs. The algorithm is defined in PKCS #1 [11]. It combines the RSA-MD2 message digest algorithm described here in Section 2.2 with the RSAEncryption asymmetric encryption algorithm described here in Section 4.2.1. As defined in PKCS #1, the ASN.1 object identifier

     md2WithRSAEncryption OBJECT IDENTIFIER ::= {
         iso(1) member-body(2) US(840) rsadsi(113549) pkcs(1)
         pkcs-1(1) 2
     }

identifies this algorithm. When this object identifier is used with the ASN.1 type AlgorithmIdentifier, the parameters component of that type is the ASN.1 type NULL.

There is some ambiguity in X.509 regarding the definition of the SIGNED macro and, in particular, the representation of a signature in a certificate or a CRL. The interpretation selected for PEM requires that the data to be signed (in our case, an MD2 message digest) is first ASN.1 encoded as an OCTET STRING and the result is encrypted (in our case, using RSAEncryption) to form the signed quantity, which is then ASN.1 encoded as a BIT STRING.


Next: 5. Descriptive Grammar

Connected: An Internet Encyclopedia
4.3.1 md2WithRSAEncryption