I disagree. Key identifiers are much smaller than <issuer distinguished
name, serial number>. When the key identifiers are computed from the public
key (as is recommended by RFC 3280), the likelihood of collision is
acceptably small. Further, if there is a collision, an implementation can
try the very small number of public keys that have the same identifier.
At 02:32 PM 10/28/2003 +1300, Peter Gutmann wrote:
"Blake Ramsdell" <blake(_at_)brutesquadlabs(_dot_)com> writes:
>S/MIME v3.1 implementations MUST allow for the use of the choice of
>subjectKeyIdentifier in messages.
Given the recent debate over the use of keyIDs on the PKIX list, shouldn't
S/MIME vAnything MUST NOT rely on the use of subjectKeyIdentifier in