> something) I've realized that there is actually nothing in a
> certificate that tells anyone exactly where to go to get the issuer's
> certificate (i.e. walk the chain).
Right. That's pretty much why all PKI protocols are client-push.
/r$
--
Rich Salz Chief Security Architect
DataPower Technology http://www.datapower.com
XS40 XML Security Gateway http://www.datapower.com/products/xs40.html
XML Security Overview http://www.datapower.com/xmldev/xmlsecurity.html
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
