| NONE | No Encryption (Clear Case) |
| PKCS1 | Password or similar authentication data (up to 117 bytes) enabled for encryption by client or server and passed as a 128-byte binary element for decryption by the receiver. Assume the SP creates keys with 1024-bit modulus and distributes them "out of band". |
|