On Thursday, February 05, 1998 12:43 PM, dpkemp(_at_)missi(_dot_)ncsc(_dot_)mil
[SMTP:dpkemp(_at_)missi(_dot_)ncsc(_dot_)mil] wrote:
I believe that S/MIME software which supports the keyUsage and
extendedKeyUsage extensions MUST always ensure that the above checks
are done, regardless of whether the extensions are marked critical.
The only question is whether the S/MIME cert profile mandates support
for these extensions.
I agree with this.
I recommend that the two suggested texts be included in the S/MIME
Cert Spec, with the phrase "and is indicated as being critical"
deleted from each.
Yes, that's what I was getting at in my last message also. I agree.
Blake
--
Blake C. Ramsdell
Worldtalk Corporation
For current info, check http://www.deming.com/users/blaker
Voice +1 425 882 8861 x103 Fax +1 425 882 8060