[15853] in cryptography@c2.net mail archive
RE: dual-use digital signature vulnerabilityastiglic@okiok.com
daemon@ATHENA.MIT.EDU (Peter Gutmann)
Fri Jul 30 14:55:55 2004
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: cryptography@metzdowd.com, Michael_Heyman@McAfee.com
In-Reply-To: <5856CEA9F0E6244CB2A8F77162041781639804@rocexmb1.corp.nai.org>
Date: Thu, 29 Jul 2004 16:01:31 +1200
<Michael_Heyman@McAfee.com> writes:
><2 cents>In the business cases pointed out where it is good that the multiple
>parties hold the private key, I feel the certificate should indicate that
>there are multiple parties so that Bob can realize he is having authenticated
>and private communications with Alice _and_ Alice's employer. X.509 does not
>provide a standard way to encode multiple subjects.</2 cents>
Yes it does, if you needed this you could add an extension (say)
additionalRecipients with a SEQUENCE of GeneralName naming the additional
parties listening in.
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
