From: Dr S N Henson <[EMAIL PROTECTED]>

stephen.henson> My point was that in some applications certificates
stephen.henson> may be added from an untrusted source. An example
stephen.henson> would be an S/MIME application which adds certificates
stephen.henson> for later use from S/MIME messages. It may add
stephen.henson> certificates even though it doesn't trust the issuer
stephen.henson> so that a user might trust a certificate by out of
stephen.henson> band means. This is the kind of thing that Netscape
stephen.henson> messenger and other S/MIME clients can do. In such a
stephen.henson> case things like duplicate issuer and serial numbers
stephen.henson> may occur and should be protected against (at whatever
stephen.henson> level).

I'm not sure in what case (modulo idiocy like more than 1 issuer using
the same Snake Oil certificate as CA certificate) there would be
duplication. I can imagine that one might get the same certificate
from several sources, but I'm pretty sure it could be resolved by
applying a little bit of automagic intelligence and tossing all
duplicates except for the copy that has the highest trust attached to
it. Trust, BTW, could rather easily be handled by attaching internal
attributes to certificates with extra information. Those attributes
are not part of the certificate itself, of course.

Was that approximately the way you saw this being done as well?

In any case, I find this discussion a bit moot, since different
applications might search for anything. Netscape Navigator, as far as I
have understood, has the email addresses as index key for S/MIME
certificates. I would rather see that applications can request
indexes on a rather flexible set of basic types, and request searches
according to basically whatever. The keys used could be attached to
each certificate as another of those internal attributes I mentioned
above (and each certificate could have more than one key attached to
it). Whether actual indexes are really built would be up to the plugin.

Then, having indexes based on the hash of the full certificate
wouldn't be something we'd have to decide, would it?

Does that sound like a feasible thought?

-- 
Richard Levitte   \ Spannvägen 38, II \ [EMAIL PROTECTED]
Redakteur@Stacken \ S-168 35  BROMMA  \ T: +46-8-26 52 47
                    \      SWEDEN       \ or +46-733-72 88 11
Procurator Odiosus Ex Infernis                -- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/
Software Engineer, GemPlus:             http://www.gemplus.com/

Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
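
The store design discussed in this message, sketched as an added example that is not part of the original post and not OpenSSL code: the same certificate arriving twice keeps one copy with the highest trust, a different certificate reusing an issuer and serial number is recorded as a conflict instead of overwriting, and lookups go through caller-chosen keys. The class and method names, the integer trust levels and the sample values are all assumptions, and the caller supplies issuer, serial and e-mail address rather than having them parsed from the certificate.

```python
import hashlib
from collections import defaultdict


class CertStore:
    """Hypothetical store. Certificates are opaque DER blobs; trust and
    index keys are internal attributes kept beside the certificate."""

    def __init__(self):
        self.entries = {}              # fingerprint -> {"der", "trust"}
        self.index = defaultdict(set)  # (key type, value) -> fingerprints
        self.conflicts = []            # (issuer, serial, old_fp, new_fp)

    def add(self, der, issuer, serial, trust=0, keys=()):
        fp = hashlib.sha256(der).hexdigest()
        entry = self.entries.get(fp)
        if entry:
            # Same certificate from another source: one copy, highest trust.
            entry["trust"] = max(entry["trust"], trust)
        else:
            # A different certificate with the same issuer+serial is kept
            # as a separate entry and flagged, never merged or replaced.
            name = ("issuer_serial", (issuer, serial))
            for other in self.index[name]:
                self.conflicts.append((issuer, serial, other, fp))
            self.entries[fp] = {"der": der, "trust": trust}
            self.index[name].add(fp)
        for key in keys:               # e.g. ("email", "alice@example.test")
            self.index[key].add(fp)
        return fp

    def find(self, key_type, value):
        """Return matching fingerprints, most trusted first."""
        fps = self.index.get((key_type, value), ())
        return sorted(fps, key=lambda fp: -self.entries[fp]["trust"])


def demo():
    # Constructed sample data: byte strings stand in for DER certificates.
    store = CertStore()
    mail = [("email", "alice@example.test")]
    a = store.add(b"constructed-der-A", "CN=Snake Oil CA", 1, 0, mail)
    store.add(b"constructed-der-A", "CN=Snake Oil CA", 1, trust=2)
    b = store.add(b"constructed-der-B", "CN=Snake Oil CA", 1, 0, mail)
    return store, a, b


if __name__ == "__main__":
    store, a, b = demo()
    print(store.find("email", "alice@example.test"), store.conflicts)
```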