Nelson; In collecting data for this reply, I found that you are correct. On the screen are two links (so to speak). One is an Address Card icon and the other is a "Download" link. The link has a number of LDAP args and ends with the "application/x-x509-email-cert" mime type.
But I will include the specifics anyway. These certs do raise some questions. URL=https://ds-web.c3pki.chamb.disa.mil/dsgw/bin/lang?context=dsgw-mail "Standard Search" "wojcik" as search arg Pick 3rd entry (Not LRA or RA) Click "Download Certidficate". Nothing changes on the screen, no pop-up, but cert is loaded. Clicking the Address card in Mozilla gives you a download that Mozilla doesn't know how to handle, where as Netscape presents a popup and a simple display. Examining the Cert shows: Index has Name and email address. Detailed view failes to show email (in recognizable form). BUT under extensions is OID 2 5 29 17 (subAltName) is a hex string with his email address Obviously some piece of code could read this extension, because the email address came from it. Victor Probo Nelson B. Bolyard wrote: > Victor Probo wrote: > >>Nelson; >> Your response is probably an over-generalization: >> >> "> AFAIK, a text/x-vcard is not a certificate. So, it's no surprise that >> > Netscape browsers don't load it as if it were one." >> (see below for context) >> >>When I access the very same LDAP and card image with Communication 4.78 I >>get a popup that proclaims *"Downloading an E-Mail Certificate"*. Clicking >>'OK' will place it into the database for 'Other' certificates. >> >>It seems that the "Netscape" in your response should read "Mozilla". >>Netscape works, Mozill has yet to handle it.... >> >>Victor Probo >> > > If you have a way for me to see this phenomenon, please tell me. > > In the interim, I'd guess that the vcard contained a link to a page that > downloads a cert. > > AFAIK, in Netscape browsers, cert downloads only happen with MIME types > application/x-x509-user-cert > application/x-x509-ca-cert > application/x-x509-email-cert > > text/x-vcard isn't one of those. > > -- > Nelson Bolyard > Disclaimer: I speak for myself, not for Netscape >
