Re: [Fed-Talk] Entourage, CAC, Digital Signatures and Encryption
Re: [Fed-Talk] Entourage, CAC, Digital Signatures and Encryption
- Subject: Re: [Fed-Talk] Entourage, CAC, Digital Signatures and Encryption
- From: Michael Kluskens <email@hidden>
- Date: Thu, 3 Nov 2005 15:02:57 -0500
On Nov 3, 2005, at 2:49 PM, Timothy J. Miller wrote:
These sound like you selected your identity certificate instead of
the email signing certificate. This is legal according to the RFCs
becaus e both certificates have the correct basic key usages for
signing, but the email signing cert has several additional extended
key usages for user authentication.
Since your ID cert doesn't contain your email address, S/MIME
clients are required to notify you of that fact when they verify
the signature. Thus the message.
I should point out a third possibility, somehow we have a number of
certificates (on CAC cards) that don't have an email address
associated with them, I have seen them in the CAC Card Viewer in OS X
10.3 and I have seen them in the DoD database when trying to download
all certificates for our division.
Michael
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden