ietf-smime
[Top] [All Lists]

Re: Inclusion of the issuer and serial number in authenticated in formation

1998-03-23 09:41:40
I
Russ Housley <housley(_at_)spyrus(_dot_)com> writes:

 do not see the value in the certificate hash.  However, if many people
think it is desirable, then it should be optional.  We must trust CAs to
never issue more than one certificate with the same serial number.
Revocation will be all messed up if they do....
I don't see the value in the certificateHash either. Let's leave it
out.

-Ekr

-- 
[Eric Rescorla                             Terisa Systems, Inc.]
                "Put it in the top slot."