dual-use digital signature vulnerabilityastiglic at okiok.com
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Thu Jul 29 00:01:31 EDT 2004
<Michael_Heyman at McAfee.com> writes:
><2 cents>In the business cases pointed out where it is good that the multiple
>parties hold the private key, I feel the certificate should indicate that
>there are multiple parties so that Bob can realize he is having authenticated
>and private communications with Alice _and_ Alice's employer. X.509 does not
>provide a standard way to encode multiple subjects.</2 cents>
Yes it does, if you needed this you could add an extension (say)
additionalRecipients with a SEQUENCE of GeneralName naming the additional
parties listening in.
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list