
RE: Authentication vs. binding signature, and ephemeral vs.permanent key us: msg#00336

ietf.x509

Subject: RE: Authentication vs. binding signature, and ephemeral vs.permanent key usage


> Does VeriSign set any of the KeyUsage bits? If yes, how would I
> know which ones are set? Neither Netscape's nor Microsoft's browsers
> display very much information about a certificate.

You can look at the OIDs...

I would not expect a browser to pretty print an extension until it
understood it.


> >More generally however the key usage bits are a feature that is
> >most likely to be of relevance in an enterprise environment, in
> >particular in conjunction with key recovery and dual key issue.
>
> I do not think that everyone agrees. I doubt that all your
> customers getting certificates for S/MIME think they are strictly
> for "an enterprise environment".

That is not what I said. I was referring to the key usage bits,
not S/MIME. I would not expect the general public to be the
first community of S/MIME users to demand support for the
key usage bits.

> In addition, I have not seen anyone state that they want their
> signing keys used with any key recovery system.

No. But unless a customer is using a key recovery system the
incentive to use separate signing and encryption keys is not
as great.

A user of a key recovery system would be very likely to want to
set the key usage bit 'NR' in their signing cert and clear it
in their encryption cert.

Indeed the motivation for having the key usage bits comes from
not wanting to escrow signing keys.

[Replies relating to products off list]

Phill
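
[Added example, not part of the original message or of any product discussed in it: one way to see which key usage bits a certificate sets is to decode the value of the KeyUsage extension (OID 2.5.29.15), a DER BIT STRING. The bit names and positions are the RFC 5280 ones, 'NR' is assumed to mean nonRepudiation, and the two sample encodings are constructed.]

```python
# Added example: name the bits set in an X.509 KeyUsage extension value.
# Bit positions follow the KeyUsage definition in RFC 5280, section 4.2.1.3.
KEY_USAGE_OID = "2.5.29.15"
KEY_USAGE_BITS = [
    "digitalSignature", "nonRepudiation", "keyEncipherment",
    "dataEncipherment", "keyAgreement", "keyCertSign",
    "cRLSign", "encipherOnly", "decipherOnly",
]

def decode_key_usage(ext_value):
    """Return the names of the bits set in a DER BIT STRING KeyUsage value."""
    if len(ext_value) < 3 or ext_value[0] != 0x03:
        raise ValueError("not a DER BIT STRING")
    length = ext_value[1]
    if length & 0x80 or length != len(ext_value) - 2:
        raise ValueError("unexpected or inconsistent length")
    unused, payload = ext_value[2], ext_value[3:]
    if unused > 7 or (not payload and unused):
        raise ValueError("bad unused-bit count")
    # DER requires the padding bits in the last octet to be zero.
    if payload and payload[-1] & ((1 << unused) - 1):
        raise ValueError("non-zero padding bits")
    names = []
    for index, name in enumerate(KEY_USAGE_BITS):
        octet, bit = divmod(index, 8)
        # Bit 0 is the most significant bit of the first payload octet.
        if octet < len(payload) and payload[octet] & (0x80 >> bit):
            names.append(name)
    return names

# Constructed sample values (not taken from any real certificate).
SIGNING_CERT_KU = bytes.fromhex("030206c0")     # NR set alongside digitalSignature
ENCRYPTION_CERT_KU = bytes.fromhex("03020520")  # NR clear, keyEncipherment set

if __name__ == "__main__":
    for label, der in (("signing", SIGNING_CERT_KU),
                       ("encryption", ENCRYPTION_CERT_KU)):
        print(KEY_USAGE_OID, label, decode_key_usage(der))
```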




