ietf-smime

RE: Key usage. No, wait, *extended* key usage

1998-02-05 14:33:17
Blake,

Don't we need to explain the keyUsage field for sending an encrypted
message?  It seems that on an outbound message:  "Prior to creating an
encrypted content key for an S/MIME message, if the keyUsage extension
is present in the encrypting certificate and is indicated as being
critical, then the encrypting software MUST ensure that the
keyEncipherment bit is set to 1."

X.509, Sec 12.2.2.3, Key Usage Field, states: "If the extension is flagged
critical, then the certificate shall be used only for a purpose for which
the corresponding key usage bit is set to one."  The S/MIME v3 Cert Handling
Spec already states that the keyUsage extension must be critical, if
present.  Therefore, the cert using software MUST check the keyUsage bits
before using the certs.  Therefore, I don't believe that the S/MIME v3 Cert
Handling Spec needs to say anything other than "keyUsage must be critical,
if present". 

Also, please note that the keyAgreement bit will be set to 1 if D-H or KEA
is being used.


What about the criticality flags?  Is the only case where we check the
keyUsage when the criticality for the extension is set to 1?  I think it
should always be checked, regardless of its criticality.

Agree.

- John Pawling
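The check the thread settles on (look at the keyUsage bits before encrypting to a certificate, expect keyEncipherment for RSA key transport and keyAgreement for D-H or KEA, and do so whether or not the extension is flagged critical), written out as an added example. This is not code from the list discussion or from any S/MIME implementation; it parses only the DER BIT STRING that carries KeyUsage, and the extension values it builds are constructed for illustration. The mechanism names "rsa", "dh" and "kea" and the function names are this example's own.

```python
"""Gate S/MIME encryption on the recipient certificate's keyUsage extension.

Standalone example: a minimal DER encoder/decoder for the KeyUsage BIT STRING
and a policy function that applies the thread's conclusion (check the bits
whenever the extension is present, critical or not). All sample extension
values are constructed here, not taken from any real certificate.
"""

# KeyUsage named bits from X.509; bit 0 is the most significant bit of the
# first content byte of the BIT STRING.
KEY_USAGE_BITS = {
    "digitalSignature": 0,
    "nonRepudiation": 1,
    "keyEncipherment": 2,
    "dataEncipherment": 3,
    "keyAgreement": 4,
    "keyCertSign": 5,
    "cRLSign": 6,
    "encipherOnly": 7,
    "decipherOnly": 8,
}

# Bit each content-encryption-key transport mechanism needs, as stated in the
# thread: RSA key transport -> keyEncipherment, D-H / KEA -> keyAgreement.
# (The mechanism labels are this example's own.)
REQUIRED_BIT_FOR = {
    "rsa": "keyEncipherment",
    "dh": "keyAgreement",
    "kea": "keyAgreement",
}


def encode_key_usage(names):
    """DER-encode a KeyUsage BIT STRING for the given usage names (test-data helper)."""
    positions = [KEY_USAGE_BITS[n] for n in names]
    nbits = max(positions) + 1 if positions else 0   # encode through the highest set bit
    nbytes = (nbits + 7) // 8
    value = bytearray(nbytes)
    for p in positions:
        value[p // 8] |= 0x80 >> (p % 8)
    unused = nbytes * 8 - nbits                       # trailing pad bits in the last byte
    content = bytes([unused]) + bytes(value)
    return b"\x03" + bytes([len(content)]) + content  # tag 0x03 = BIT STRING, short-form length


def decode_key_usage(der):
    """Parse a DER KeyUsage BIT STRING; return the set of usage names whose bit is 1."""
    if len(der) < 3 or der[0] != 0x03:
        raise ValueError("not a DER BIT STRING")
    length = der[1]
    if length >= 0x80 or len(der) != 2 + length:
        raise ValueError("unexpected BIT STRING length encoding")
    unused, body = der[2], der[3:]
    if unused > 7 or (unused and not body):
        raise ValueError("invalid unused-bits count")
    total_bits = len(body) * 8 - unused
    return {
        name for name, pos in KEY_USAGE_BITS.items()
        if pos < total_bits and body[pos // 8] & (0x80 >> (pos % 8))
    }


def may_encrypt_to(key_usage_ext, mechanism):
    """Decide whether a recipient certificate may protect a content-encryption key.

    key_usage_ext: None if the certificate carries no keyUsage extension, else a
                   (critical, der_bit_string) tuple as read from the certificate.
    mechanism:     "rsa", "dh" or "kea".

    Per the thread, the criticality flag is deliberately ignored: if the issuer
    asserted keyUsage at all, the bits are honoured.
    """
    required = REQUIRED_BIT_FOR[mechanism]
    if key_usage_ext is None:
        return True          # issuer asserted no usage restriction
    _critical, der = key_usage_ext
    return required in decode_key_usage(der)


def demo():
    """Constructed certificates: returns a dict of (case -> allowed?) for inspection."""
    sig_only = encode_key_usage({"digitalSignature", "nonRepudiation"})
    rsa_enc = encode_key_usage({"keyEncipherment"})
    dh_cert = encode_key_usage({"digitalSignature", "keyAgreement"})
    return {
        "rsa to signing-only cert, critical": may_encrypt_to((True, sig_only), "rsa"),
        "rsa to signing-only cert, non-critical": may_encrypt_to((False, sig_only), "rsa"),
        "rsa to keyEncipherment cert": may_encrypt_to((True, rsa_enc), "rsa"),
        "dh to keyAgreement cert": may_encrypt_to((True, dh_cert), "dh"),
        "rsa to cert without keyUsage": may_encrypt_to(None, "rsa"),
    }


if __name__ == "__main__":
    for case, allowed in demo().items():
        print(f"{case}: {'allowed' if allowed else 'refused'}")
```

The second demo case is the one the thread argues about: a non-critical keyUsage that lacks keyEncipherment still causes the encrypting side to refuse, so a certificate issued for signing only is never used for key transport.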