I disagree. Key identifiers are much smaller than <issuer distinguished
name, serial number>. When the key identifiers are computed from the public
key (as is recommended by RFC 3280), the likelihood of collision is
acceptably small. Further, if there is a collision, an implementation can
try the very small number of public keys that have the same identifier.
Russ

At 02:32 PM 10/28/2003 +1300, Peter Gutmann wrote:
"Blake Ramsdell" <blake(_at_)brutesquadlabs(_dot_)com> writes:
>S/MIME v3.1 implementations MUST allow for the use of the choice of
>subjectKeyIdentifier in messages.
Given the recent debate over the use of keyIDs on the PKIX list, shouldn't
this be:
S/MIME vAnything MUST NOT rely on the use of subjectKeyIdentifier in
messages.
Peter.
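
The lookup Russ describes in the reply at the top of this message, as an added example that is not part of the original thread: the key identifier is derived from the public key with SHA-1 (RFC 3280 section 4.2.1.2, method 1), and when two keys share an identifier each candidate is tried until one verifies. Assumptions: `KeyStore` and the helper names are hypothetical, the RSA keys are toy keys built from known Mersenne primes with a constructed fixed-width encoding instead of DER, and the collision is simulated by filing a second key under the first key's identifier.

```python
import hashlib

E = 65537  # public exponent shared by both toy keys

def make_key(p, q):
    """Toy RSA key from two known primes (demo only, not secure)."""
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def encode_public(key):
    # Constructed fixed-width encoding standing in for the subjectPublicKey bits.
    return key["n"].to_bytes(32, "big") + E.to_bytes(4, "big")

def key_identifier(public_bytes):
    # RFC 3280 section 4.2.1.2 method (1): 160-bit SHA-1 of the public key bits.
    return hashlib.sha1(public_bytes).digest()

def digest_int(message, n):
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(key, message):
    return pow(digest_int(message, key["n"]), key["d"], key["n"])

def verify(public_bytes, message, signature):
    n = int.from_bytes(public_bytes[:32], "big")
    e = int.from_bytes(public_bytes[32:], "big")
    return signature < n and pow(signature, e, n) == digest_int(message, n)

class KeyStore:
    def __init__(self):
        self.by_id = {}  # key identifier -> list of public keys sharing it

    def add(self, public_bytes, key_id=None):
        # key_id is normally derived; passing it explicitly simulates a collision.
        key_id = key_id or key_identifier(public_bytes)
        self.by_id.setdefault(key_id, []).append(public_bytes)
        return key_id

    def resolve(self, key_id, message, signature):
        # The identifier is only a lookup hint: accept a key only if it verifies.
        for public_bytes in self.by_id.get(key_id, []):
            if verify(public_bytes, message, signature):
                return public_bytes
        return None

def demo():
    alice = make_key(2**89 - 1, 2**107 - 1)
    bob = make_key(2**61 - 1, 2**127 - 1)
    store = KeyStore()
    shared_id = store.add(encode_public(alice))
    store.add(encode_public(bob), key_id=shared_id)  # constructed collision
    msg = b"constructed test message"
    return store, shared_id, msg, sign(bob, msg), encode_public(alice), encode_public(bob)
```

Because the signature check decides which candidate is accepted, a colliding identifier costs an extra verification and cannot substitute one key for another.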