dual-use digital signature vulnerabilityastiglic at okiok.com

[Peter Gutmann]

<Michael_Heyman at McAfee.com> writes:

><2 cents>In the business cases pointed out where it is good that the multiple
>parties hold the private key, I feel the certificate should indicate that
>there are multiple parties so that Bob can realize he is having authenticated
>and private communications with Alice _and_ Alice's employer. X.509 does not
>provide a standard way to encode multiple subjects.</2 cents>

Yes it does, if you needed this you could add an extension (say)
additionalRecipients with a SEQUENCE of GeneralName naming the additional
parties listening in.

Peter.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com