> > This is a non-authenticated attribute. i.e. it's not
> > signed and can be changed by the user without changing
> > the certificate signature.
>
> Wrong. *Everything* in a certificate is signed.
Don't you hate it when you're wrong. Was confusing myself
with S/MIME and M$'s certificate properties (which I assumed
were S/MIME style non-authenticated attributes).
- Dale.
P.S. Anyone know where the X.509 V3 spec can be found (without
having to purchase all $92 of it from ansidocstore which seems
a little excessive particularly as I've already got the '88 spec)?
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]