On Thu, 31 Oct 2002, Frédéric Giudicelli via RT wrote: > ROOT CA's authorityKeyIdentifier extension gives its own DN as issuer (normal) > INTERMEDIATE CA's authorityKeyIdentifier extension gives ROOT CA's DN as issuer >(normal) > A certificate signed by INTERMEDIATE CA, gives ROOT CA's DN as issuer > (not normal), shouldn't it be INTERMEDIATE CA's DN ? since the issuer of > this certificate is INTERMEDIATE CA and not ROOT CA.
OpenSSL is right. To use 'human' terms, to point to your father, you have to give your grandfather's name and the exact number of your father among all your grandfather's children. That's how it's done, and that's how it has to be done. -- Erwann ABALEA <[EMAIL PROTECTED]> - RSA PGP Key ID: 0x2D0EABD5 ----- Le netétiquette n'est qu'une vaste fumisterie,il faut de l'argent pour fonctionner,à force,en France de refuser tout rapport sain avec l'argent,l'on riqsque de tuer ce nouvel outil. -+- AA in: Guide du Neuneu d'Usenet - Le netétiquette du riche -+- ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
