On Thu, May 14, 2009, Lasse Kliemann wrote: > Assume that I sign a document's digest with 'openssl dgst -sign > ...' and distribute the document with the signature. How can I > help recipients to find a corresponding certificate (i.e., one > that contains a public key to successfully verify the signature > and usually which also contains some identity information that > has a relation to the document)? If a recipient has a list of > trusted certificates, without any additional information, it > looks like he has to resort to check each and every of his > trusted certificates, to see which one fits. > > S/MIME solves that by including the certificate in the document.
Actually this is optional. S/MIME includes an identifier to the signers certificates. In PKCS#7 the only permissible identifier is the issuer name and serial number. In CMS a key identifier is also permissible. Various certificates can also be included such as signers certificates themselves but this is not compulsory. > I do not want this in my application. AFAIK, GnuPG solves a > similar issue by including a key ID. I thought that maybe > including the certificate _fingerprint_ would be a good idea, > when using OpenSSL. Then, recipients can sort their trusted > certificates by fingerprint. However, it appears to be common > practice to sort certificates by their _subject hash_ instead. > What is the reason for using the subject hash instead of the > certificate fingerprint? > It does sound like S/MIME does exactly what you want using a detached signature. That would be preferable as opposed to inventing an incompatible version with possible security issues. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
