On 2/11/07, Mike Hommey <[EMAIL PROTECTED]> wrote:
But does the CA certificate specify a "Certificate Sign" key usage ?
Here's what I get when I run the certificate through Kleopatra:
********************************************************
/home/siddhesh/.gnupg/pubring.kbx
---------------------------------
Serial number: 00
Issuer:
1.2.840.113549.1.9.1=#63696F406D756D6261692E7463732E636F2E696E,CN=TCS
CIO,OU=TCS,O=TCS,L=Mumbai,ST=Maharashtra,C=IN
Subject:
1.2.840.113549.1.9.1=#63696F406D756D6261692E7463732E636F2E696E,CN=TCS
CIO,OU=TCS,O=TCS,L=Mumbai,ST=Maharashtra,C=IN
sha1_fpr: 99:E1:DB:93:E9:EF:1F:3F:72:5E:88:33:0E:F7:7E:00:71:93:43:1A
md5_fpr: F2:56:25:3D:47:7E:D5:8F:52:2B:14:56:2F:0E:86:19
certid: BCAC50A72D6B623402ED1EDDC2633C0203DD4B69.00
keygrip: D3E864FFF6ADF47B4E7C56CF5622E538D7278A60
notBefore: 2002-03-26 06:23:58
notAfter: 2012-03-23 06:23:58
hashAlgo: 1.2.840.113549.1.1.4 (md5WithRSAEncryption)
keyType: 2048 bit RSA
subjKeyId: 708BF42057D2810A654BD22A2D46BE3CCAD7784C
authKeyId: 00
1.2.840.113549.1.9.1=#63696F406D756D6261692E7463732E636F2E696E,CN=TCS
CIO,OU=TCS,O=TCS,L=Mumbai,ST=Maharashtra,C=IN
authKeyId.ki: 708BF42057D2810A654BD22A2D46BE3CCAD7784C
keyUsage: digitalSignature certSign crlSign
extKeyUsage: [none]
policies: [none]
chainLength: 0
crlDP: [none]
authInfo: [none]
subjInfo: [none]
**************************************************
The 'certSign' is probably what you're looking for.
Regards,
--
Siddhesh Poyarekar
http://siddhesh.tk
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
