Michael Helm wrote: [...]
What I wanted to try (& might eventually) is going back to the client test we did some time ago. We found that the client always ignored the extra subjectaltname entries, and so I suspect that the subject components are the ones evaluated.
To my knowledge, tests made recently with all major email clients available gave completely different results. Multiple emailAddress entries were not supported while multiple email within subjectAltName usage was supported (not by M$ client).
--
C'you,
Massimiliano Pala
--o------------------------------------------------------------------------ Massimiliano Pala [OpenCA Project Manager] [EMAIL PROTECTED] Tel.: +39 (0)59 270 094 http://www.openca.org Fax: +39 178 270 2077 http://openca.sourceforge.net Mobile: +39 (0)347 7222 365
University of Modena and Reggio Emilia Certification Authority Informations:
Authority Access Point http://pki.unimo.it Authority's Certificate: http://pki.unimo.it/ca/issuers.html Certificate Revocation List: http://pki.unimo.it/crl/cacrl.crl --o------------------------------------------------------------------------
smime.p7s
Description: S/MIME Cryptographic Signature