Kaspar Brand wrote: > On 31.03.2010 19:00, Michael Ströder wrote: >> Strange because my e-mail cert does not have subjectKeyIdentifier at all. >> >> Hmm, in theory a S/MIME MUA could calculate it on-the-fly even if the cert >> does not have one and build a lookup table. Maybe it's worth to look what RFC >> 5750 says about it... > > That aspect is covered by the CMS spec, actually. From RFC 5652, section > 6.2.1: > > When an X.509 > certificate is referenced, the key identifier matches the X.509 > subjectKeyIdentifier extension value. > > IOW, Outlook shouldn't use this format for referring to this particular > cert. Also, noted that RFC 5280 only mentions "two common methods for > generating key identifiers", there is no single standardized way for > calculating the key id.
If you read the whole section you've cited an excerpt from it's getting blurry. I took this to the ietf-smime mailing list for clarification. Are you subscribed there too? Ciao, Michael. -- Michael Ströder E-Mail: mich...@stroeder.com http://www.stroeder.com -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
