pem-dev

Re: X.509 v3 Standard Extensions PDAM

1995-01-31 15:44:00


   >     When mailing revocation information to a CA, as in DMS P.48 CKL 
   >     procedures, it may be necessary to use the CA's signing key for 
   >     other usages/purposes - e.g. key agreement.
   >
   >I disagree.  In this case, the CA's certificate should contain more than 
   >one public key.  In fact, in DMS MOSAIC algorithm suite, the CA would use 
   >DSS for signing and KEA for key agreement.  Although these two algorithms 
   >could use the same public/private key pair, DMS is using separate key pairs 
   >for each algorithm.  The expectation is that KEA key pairs will have a 
   >shorter lifetime than DSS key pairs.
   >
   >Russ

This implies that the CA certificate would contain an "other" public
key, in the v3 model. Here, no mandatory restrictions are specifiable
for the "other" public key directly, unlike for the primary/signing
key. Any KeyUsage advice for the other case would be required to use
KeyUsage tag [0] (implying userKeyUsage purposes) to indicate the
purpose of key agreement. This seems very unnatural, and would suggest a
lack of requirements identification. Is an otherKeyUsageRestriction
extension required, perhaps?

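A worked illustration of the KeyUsage mechanics being argued over, added to this archive page and not part of the thread or of any DMS or X.509 implementation: a small DER encoder and decoder for the KeyUsage extension, plus the relying-party check that a key is permitted for a given purpose. It assumes the BIT STRING form of KeyUsage as it was later standardized (X.509 1997 / RFC 5280, id-ce-keyUsage 2.5.29.15), not the PDAM's tagged userKeyUsage form referred to in the message; one KeyUsage applies to the single subjectPublicKey of its certificate, which is why the separate-certificate arrangement Russ describes gives the DSS key and the KEA key their own restrictions. The sample usage sets are constructed for the example.

```python
# Added illustration, not code from the pem-dev thread.  Uses the BIT STRING
# form of KeyUsage (X.509 1997 / RFC 5280); the PDAM tagged form debated in
# the message is not reproduced.  Named bits per RFC 5280 section 4.2.1.3.
KEY_USAGE_BITS = {
    "digitalSignature": 0, "nonRepudiation": 1, "keyEncipherment": 2,
    "dataEncipherment": 3, "keyAgreement": 4, "keyCertSign": 5,
    "cRLSign": 6, "encipherOnly": 7, "decipherOnly": 8,
}
KEY_USAGE_OID = bytes.fromhex("0603551d0f")  # OBJECT IDENTIFIER 2.5.29.15


def _der_len(n):
    """Encode a definite DER length (short form below 128, long form above)."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def _read_len(buf, pos):
    """Parse a DER length at buf[pos]; return (length, position after it)."""
    first, pos = buf[pos], pos + 1
    if first < 0x80:
        return first, pos
    n = first & 0x7F
    if n == 0 or n > 4 or pos + n > len(buf):
        raise ValueError("unsupported or truncated DER length")
    length = int.from_bytes(buf[pos:pos + n], "big")
    if buf[pos] == 0 or length < 0x80:
        raise ValueError("non-minimal DER length")
    return length, pos + n


def _tlv(tag, body):
    return bytes([tag]) + _der_len(len(body)) + body


def encode_key_usage(usages):
    """DER-encode KeyUsage.  Bit 0 is the MSB of the first content octet and,
    because KeyUsage is a named bit list, DER drops trailing zero bits."""
    indices = sorted({KEY_USAGE_BITS[u] for u in usages})  # KeyError on unknown names
    if not indices:
        return _tlv(0x03, b"\x00")  # empty BIT STRING: only the unused-bits octet
    highest = indices[-1]
    out = bytearray(highest // 8 + 1)
    for i in indices:
        out[i // 8] |= 0x80 >> (i % 8)
    unused = 7 - (highest % 8)
    return _tlv(0x03, bytes([unused]) + bytes(out))


def decode_key_usage(der, strict=True):
    """Return the frozenset of named usages in a DER KeyUsage BIT STRING.
    strict=True rejects non-canonical encodings (e.g. trailing zero bits
    kept), since RFC 5280 requires DER for certificate contents."""
    if not der or der[0] != 0x03:
        raise ValueError("not a BIT STRING")
    length, pos = _read_len(der, 1)
    if length == 0 or pos + length != len(der):
        raise ValueError("bad BIT STRING length")
    unused, data = der[pos], der[pos + 1:]
    if unused > 7 or (unused and not data):
        raise ValueError("bad unused-bits octet")
    total_bits = len(data) * 8 - unused
    names = frozenset(
        name for name, i in KEY_USAGE_BITS.items()
        if i < total_bits and data[i // 8] & (0x80 >> (i % 8))
    )
    if strict and encode_key_usage(names) != der:
        raise ValueError("KeyUsage is not canonical DER")
    return names


def encode_key_usage_extension(usages, critical=True):
    """Wrap KeyUsage in Extension SEQUENCE { extnID, critical, extnValue }."""
    body = KEY_USAGE_OID
    if critical:
        body += b"\x01\x01\xff"  # BOOLEAN TRUE; FALSE is the DEFAULT and is omitted
    body += _tlv(0x04, encode_key_usage(usages))  # extnValue OCTET STRING
    return _tlv(0x30, body)


def permits(key_usage_der, purpose):
    """Relying-party check: may this certificate's key be used for `purpose`?"""
    return purpose in decode_key_usage(key_usage_der)


# Constructed sample values modelling the DMS split: one certificate (DSS key)
# restricted to certificate/CRL signing, a second (KEA key) to key agreement.
CA_SIGNING_KEY_USAGE = encode_key_usage(["keyCertSign", "cRLSign"])  # 03 02 01 06
CA_KEA_KEY_USAGE = encode_key_usage(["keyAgreement"])                # 03 02 03 08

if __name__ == "__main__":
    print("signing cert KeyUsage:", CA_SIGNING_KEY_USAGE.hex())
    print("KEA cert KeyUsage:    ", CA_KEA_KEY_USAGE.hex())
    print("signing key may do key agreement?", permits(CA_SIGNING_KEY_USAGE, "keyAgreement"))
    print("KEA key may sign CRLs?", permits(CA_KEA_KEY_USAGE, "cRLSign"))
    print("full extension:", encode_key_usage_extension(["keyCertSign", "cRLSign"]).hex())
```

The strict decode matters in practice: a lenient parser that accepts a BIT STRING with trailing zero bits kept, or a non-minimal length, lets two byte-different encodings carry the same usages, which is exactly what DER exists to prevent in signed structures.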