> All RSA signatures (V3 or V4) do have a hash firewall, yes. Is there anywhere a good description of the idea except Kaliski's presentation? Alex