2 Apr 2003 02:44
Certificate email addresses
Blake Ramsdell <blake <at> brutesquadlabs.com>
2003-04-02 00:44:22 GMT
2003-04-02 00:44:22 GMT
I was working closely with the certificates from the examples draft (closely meaning "importing them into my own code and Outlook Express and seeing what happened"). The following certificates do not have an email address in a subjectAltName extension: AliceRSASignByCarl BobRSASignByCarl DianeRSASignEncryptByCarl Was it a conscious decision to omit the email address from these certificates? If we were to repair this, I don't believe it would affect anything other than the certificates themselves. Their subjectKeyIdentifier, issuer and serialNumber fields would not be changed, so any CMS bodies that referenced those certificates would not need to be updated. The fix, of course, would be to add a subjectAltName extension with the email address corresponding to that certificate. I recommend that we add the email address to these certificates. Blake -- Blake Ramsdell | Brute Squad Labs | http://www.brutesquadlabs.com
RSS Feed