RE: Request change in son-of-rfc2633

2003-10-28 20:35:44

[Cross-posted back to S/MIME, where the thread started]

Eric Norman <ejnorman(_at_)doit(_dot_)wisc(_dot_)edu> writes:

> Is there a claim (#1 above) that you can have the DN in the subject of a
> parent's (signer's) certificate be different from (as in different bunch of
> bytes) the DN in the issuer of one of its offspring and yet the chain is
> still valid because the xKIDs match?

Sure, in a spaghetti PKI (I'm using that as a generic term for a PKI that
violates the original X.509 design, i.e. with re-parenting, arbitrary cross-
certification, etc etc where issuers no longer match subjects).  For example
MS apparently implemented chaining by sKID in Windows because of user demand
for this when the users broke chaining by issuer name through spaghetti PKI
design practices, and various other implementations no doubt do similar
things, depending on how they've read the PKIX tea leaves.
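The two chaining approaches the reply contrasts, as an added illustration that is not part of the thread: a toy chain builder over constructed certificate records (no real X.509 parsing) that finds a parent by byte-exact issuer-name match, by RFC 5280-style name matching, or by key identifier alone. All certificate names, key identifiers and the `Cert` type are constructed for this example.

```python
from dataclasses import dataclass
import re
from typing import Optional

@dataclass(frozen=True)
class Cert:
    """Constructed stand-in for the certificate fields a chain builder looks at (not real X.509)."""
    name: str               # label used in results
    subject: str            # subject DN rendered as a string
    issuer: str             # issuer DN rendered as a string
    skid: bytes             # subjectKeyIdentifier
    akid: Optional[bytes]   # authorityKeyIdentifier.keyIdentifier; None on a self-signed root

def normalize_dn(dn: str) -> str:
    """Approximation of RFC 5280 name comparison: case-insensitive, internal whitespace collapsed."""
    return ",".join(re.sub(r"\s+", " ", rdn).strip().casefold() for rdn in dn.split(","))

def find_issuers(cert, pool, policy):
    """Candidate parents of `cert` under one of three chaining policies."""
    if policy == "bytes":     # issuer DN must be byte-identical to the parent's subject DN
        return [c for c in pool if c.subject == cert.issuer]
    if policy == "rfc5280":   # name matching rules: tolerant of case and whitespace differences
        return [c for c in pool if normalize_dn(c.subject) == normalize_dn(cert.issuer)]
    if policy == "kid":       # chain by key identifier only, ignoring names entirely
        return [c for c in pool if cert.akid is not None and c.skid == cert.akid]
    raise ValueError(f"unknown policy {policy!r}")

def build_chain(leaf, pool, policy, max_depth=8):
    """Walk from leaf to a self-signed root; return the list of certs, or None if the chain breaks."""
    chain = [leaf]
    while len(chain) <= max_depth:
        cur = chain[-1]
        if cur.issuer == cur.subject and cur.akid in (None, cur.skid):
            return chain                              # self-signed root reached
        parents = [c for c in find_issuers(cur, pool, policy) if c not in chain]
        if not parents:
            return None                               # no parent under this policy
        chain.append(parents[0])
    return None

# Constructed pool: one root and three leaves whose issuer fields differ from it in different ways.
ROOT = Cert("root", "CN=Example Root CA, O=Example", "CN=Example Root CA, O=Example", b"\x01", None)
EE_STRICT = Cert("ee-strict", "CN=carol", "CN=Example Root CA, O=Example", b"\x12", b"\x01")
EE_CASE = Cert("ee-case", "CN=alice", "cn=example root ca,   o=example", b"\x10", b"\x01")
EE_REPARENTED = Cert("ee-reparent", "CN=bob", "CN=Old Example CA, O=Example", b"\x11", b"\x01")  # old CA name, same key
POOL = [ROOT, EE_STRICT, EE_CASE, EE_REPARENTED]

def chain_names(leaf, policy):
    chain = build_chain(leaf, POOL, policy)
    return None if chain is None else [c.name for c in chain]
```

The `kid` policy finds a parent for the re-parented certificate that neither name-based policy will; a validator that chains this way should still run the rest of RFC 5280 path validation (signature, validity, constraints) on the chain it finds.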