[Top] [All Lists]

Re: which usercertificate attribute

2000-04-06 07:57:56
Thierry Van Doninck wrote:


When I use Netscape Communicator as a mail client, I can 'get' the 
certificates of my correspondents from a ldap directory.
Netscape however looks for a userSMIMEcertificate instead of a 

Which is the correct attribute to publish Certificates in ?
I would think that using 1 certificate for all applications would be a lot 
more user friendly.

The userSMIMEcertificate attribute contains additional information about the 
SMIME recipient, in particular the preferred
encryption algorithms.  Without this information, the message sender has to 
guess what algorithms would be acceptable.  This is
why Communicator used userSMIMEcertificate.

More recent versions of SMIME support for Communicator (in particular the PSM 
security add-on) supports retrieval of the
certificates from both attributes in the directory.  In addition, PSM has 
support for automatically retrieving certificates
from your primary directory (address book) without manual intervention.

Terry Hayes