> Well, the authorityKeyIdentifier (consisting presumably just of a
> KeyIdentifier) would have to match the issuer's subjectKeyIdentifier;
> why would we care how that has been computed?
Because the CA might not put the AKI in certs that it signs?
Is there a requirement that a CA whose cert as SKI must propagate
that as the AKI?
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
