Bob,
(I know that there have been some follow-ups to this, but I'm just
going to quickly state here what's up at my end.)
Since I don't have PEM up and running on my PC, I can't
parse your issuer certificate chain to see who issued your
certificate, and who your PCA is, but I would be curious to
know.
I'm currently registered via TIS/PEM as my PCA. I've been a beta
tester of TIS/PEM for quite some time, and when I moved here to DISA
from CERT (Carnegie Mellon), I kept my TIS/PEM work going. When there
is a .gov/.mil PCA someday, I'll re-register under that. Also, I
registered a CA for the Directorate that I am in in our Center (the
Center for Information Systems Security, within DISA, the Defense
Information Systems Agency).
My CA is registered as:
Country Name : US
Organization Name : Defense Information Systems Agency
Organizational Unit Name : Center for Information Systems Security
Organizational Unit Name : Countermeasures
My own certificate is subordinate to that, and is:
Country Name : US
Organization Name : Defense Information Systems Agency
Organizational Unit Name : Center for Information Systems Security
Organizational Unit Name : Countermeasures
Organizational Unit Name : Operations
Common Name : Kenneth R. van Wyk
Each member of my division (Operations) gets a PEM certificate like
mine, so that any of us can send out ASSIST Bulletins that are signed
by PEM.
Hope that clarifies any confusion - if indeed there is still confusion
over this.
Regards,
Ken van Wyk