New issue
Advanced search Search tips

Issue 823367 link

Starred by 1 user
Status: WontFix
Owner: ----
Closed: Mar 2018
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , Mac
Pri: 3
Type: Bug



Sign in to add a comment

Word choice nit: Certificate information says "RSA Encryption" for a RSA signature

Project Member Reported by jeffcarp@chromium.org, Mar 19 2018 
Chrome Version: 65.0.3325.162
OS: gLinux

What steps will reproduce the problem?
(1) Go to any page on https://bugs.chromium.org/
(2) Click the green lock.
(3) View the Certificate info (click "Valid").
(4) Click the "Details" tab.
(5) In the tree, click on crrev.com > Certificate > Certificate Signature Algorithm

What is the expected result?

The value is "PKCS #1 SHA-256 With RSA Signature"

What happens instead?

The value is "PKCS #1 SHA-256 With RSA Encryption"


Reasoning: the "Certificate Signature Algorithm" is not an encryption algorithm but a signature algorithm.

Reference: see the PKCS #1 standard (https://tools.ietf.org/html/rfc3447) under "8.1.1 Signature generation operation" about "RSA signature".

If this is deemed a valid change I'm happy to write a CL.

Comment 1 by rsleevi@chromium.org, Mar 19 2018

Labels: Needs-Feedback
This UI is different on every platform. Can you indicate which platform?

And note that the OID may be the "rsaEncryption" OID. Based on your description, that string is correct - see https://tools.ietf.org/html/rfc3447#appendix-A.2.4

Comment 2 by jeffcarp@chromium.org, Mar 19 2018

Labels: OS-Linux OS-Mac
Thanks for taking a look. Seen on Linux and Mac - marking those. If that's what's defined in the spec, then I guess this is WAI? Out of curiosity, should the spec be more specific about this, or is it valid to refer to an RSA signature as an RSA encryption?

Comment 3 by rsleevi@chromium.org, Mar 19 2018

Status: WontFix (was: Untriaged)
It's the name of the OID. It's still a signature, but for legacy reasons (being that many RSA public keys used the OID rsaEncryption), the name has... stuck.

Marking WontFix/WAI, as it's using the sha256WithRSAEncryption OID.

Sign in to add a comment