I think it would be better for use the issuer/serial approach in that
case. There is more than one way to compute the subjectKeyIdentifier
value, even if one is preferred. So, it would be ambiguous if the
extension was not included in the certificate.
Russ
On 3/31/2010 1:19 PM, Michael Ströder wrote:
HI!
If an S/MIME cert does not contain a subjectKeyIdentifier extension is a
sending S/MIME MUA allowed to generate RecipientInfos referencing the
receiver's cert by (self-calculated) subjectKeyIdentifier (instead of issuer
name and serial number)?
IMHO RFC 5750 is not really clear on that.
Ciao, Michael.
_______________________________________________
smime mailing list
smime(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/smime
_______________________________________________
smime mailing list
smime(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/smime