Hi,
I have had a recent interoperability issue with a application vendor that
didn't like the key-usage attributes in a cert from a CA vendor's
certificate. Signing certs work fine, it was an encryption cert that failed.
CA sets key-usage = "key encipherment".
Application wants to encrypt some XML data so looks for key-usage = "data
encipherment". Reason - because XML is data, not a key.
I believe the application vendor is wrong and I explained that the RSA key
actually encrypts an AES key so it doesn't directly encrypt the data but
they want an official "pkix" ruling based on the standard so can someone
please refer me to a statement in the standard that clears this up.
Thanks,
Simon McMahon.
Simon McMahon
Work: (07) 31311420
Mobile: (043) 2294180
Simon McMahon
Work: (07) 31311420
Mobile: (043) 2294180
***********************************************************************************
This email, including any attachments sent with it, is confidential and
for the sole use of the intended recipient(s). This confidentiality is
not waived or lost, if you receive it and you are not the intended
recipient(s), or if it is transmitted/received in error.
Any unauthorised use, alteration, disclosure, distribution or review of
this email is prohibited. It may be subject to a statutory duty of
confidentiality if it relates to health service matters.
If you are not the intended recipient(s), or if you have received this
email in error, you are asked to immediately notify the sender by
telephone or by return email. You should also delete this email and
destroy any hard copies produced.
***********************************************************************************