Re: [Fed-Talk] Re:DHS and DOE Certificates
Re: [Fed-Talk] Re:DHS and DOE Certificates
- Subject: Re: [Fed-Talk] Re:DHS and DOE Certificates
- From: "Timothy J. Miller" <email@hidden>
- Date: Wed, 01 Nov 2006 09:49:50 -0600
Paul Derby wrote:
Our company communicates with Los Alamos National Labs(LANL), which uses
Entrust for their X.509 certificates. They issue their own
certificates, so in the "Issuer Name" section of the certificate the
"Common Name" field is NOT present. Since the certificates from LANL do
not have this issuer field, they are not chained to a Certificate
Authority. When you try to read an encrypted email message from the
individual at LANL, MAIL throws an error stating: "unable to decrypt
message". Clicking on "show details" says the certificate isn't valid.
Send me one of these certs. Issuer DN *must* be present or it's a
busted X.509 cert.
If you go into ADDRESS BOOK and double click on the check mark next to
the email address for the individual holding the certificate, you get
the message: "This certificate was signed by an untrusted issuer" which
is bogus, since the cert isn't signed at all.
All certs are signed or they're not certs.
-- Tim
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden