RE: Suggested data shown for SSL certificate when choosing to accept or reject

2009-08-14 Thread David Schwartz
Chase Douglas wrote:
> I'm reading the actual X.509 (03/2000) specification and it refers to
> a subjectPublicKeyInfo field. Is this what you are meaning by
> "subjectKeyIdentifier"?
These fields are not useful because they are not required to be hashes of the public key. You should use a hash o

RE: Suggested data shown for SSL certificate when choosing to accept or reject

2009-08-14 Thread David Schwartz
Kyle Hamilton wrote:
> Dave S, I wish that you would read the entire message and maybe clear
> your system of a bit of the current X.509 FUD kool-aid. This is
> "person to his own server at home". This does not require any kind of
> third-party reference (asking someone else to introduce your c

Re: Suggested data shown for SSL certificate when choosing to accept or reject

2009-08-14 Thread Chase Douglas
> This is an SSH-like scenario (meaning, the subject is already known to
> the principal, who has made a choice to use the services provided by
> that subject). Instead of trying to display the contents of a
> self-signed webserver certificate, the only thing that you can really
> truly verify is

Re: Suggested data shown for SSL certificate when choosing to accept or reject

2009-08-14 Thread Kyle Hamilton
Dave S, I wish that you would read the entire message and maybe clear your system of a bit of the current X.509 FUD kool-aid. This is "person to his own server at home". This does not require any kind of third-party reference (asking someone else to introduce your computer to you? That's a waste

RE: Suggested data shown for SSL certificate when choosing to accept or reject

2009-08-14 Thread David Schwartz
Chase Douglas wrote:
> I am developing an iPhone app that will incorporate SSL for encryption
> of network communication. The encrypted connection will be between
> average users and their home servers. Most of the time I envision
> people having SSL certificates that cannot be validated with the