Re: [smime] [pkix] [Fwd: I-D ACTION:draft-turner-md2-to-historic-00.txt]

2010-06-10 21:50:39
Dr Stephen Henson <lists(_at_)drh-consultancy(_dot_)demon(_dot_)co(_dot_)uk> 

The self-signed root CA issue was worked around by disabling the signature
check on the root CA by default, since it is redundant.

What about catching accidental data corruption?  It still acts as an integrity
check, even if it's not an authenticity check.

(I recently ran into a situation where mangled PEM-encoding had corrupted
portions of CA root certs, and in some cases only the sig check would have
caught it).
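
The integrity argument above, as an added Go example that is not part of the original message: a constructed self-signed root has two bits flipped in its serial number, standing in for PEM damage that still decodes to well-formed DER. The certificate still parses, and only the self-signature check flags the change. The serial value, subject name and helper names (`newRootDER`, `corrupt`, `check`) are assumptions made for this illustration.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// Constructed serial number; it doubles as the marker for the byte to damage.
var serial = []byte{0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x01}

// newRootDER creates a throwaway self-signed root CA (constructed sample data).
func newRootDER() ([]byte, error) {
	pub, key, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	t := &x509.Certificate{
		SerialNumber: new(big.Int).SetBytes(serial),
		Subject:      pkix.Name{CommonName: "Constructed Example Root"},
		NotBefore:    time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour),
		IsCA:         true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign,
	}
	return x509.CreateCertificate(rand.Reader, t, t, pub, key)
}

// corrupt flips two serial-number bits; the DER stays well-formed but differs.
func corrupt(der []byte) []byte {
	out := append([]byte(nil), der...)
	out[bytes.Index(out, serial)+7] ^= 0x03
	return out
}

// check reports whether the root parses and whether its self-signature holds.
func check(der []byte) (parses, sigOK bool) {
	c, err := x509.ParseCertificate(der)
	return err == nil, err == nil && c.CheckSignatureFrom(c) == nil
}

func main() {
	good, _ := newRootDER()
	fmt.Println(check(good))          // intact root
	fmt.Println(check(corrupt(good))) // damaged root
}
```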

