> What makes you think it is incorrect to check the Key
> Identifier (where present) before checking a signature
> against a key?

An X.509 certificate does one thing: it binds a public key to an identity. In PKI, a public key alone means nothing because trust is placed in principals or issuers.

In an end entity certificate, you don't need the Issuer DN and AKI because they are disjoint and uncertified. You need the issuing certificate with a valid signature. But it would be helpful to find the issuer's certificate easily.

If the AKI is missing, wrong or a duplicate, then it just means that you lost the ability to find an issuing certificate easily.

OpenSSL could be more flexible or friendly in its building strategy. But that could move into the "which directory" problem rather quickly.

If Yuting Chen provided a store with the required certificates, then OpenSSL is probably incorrect. Chen's original email does not detail it, so it's hard to say at the moment.

> What other reasonable purpose could the Key Identifier
> fields serve?

It's a hint to help find the issuing certificate. It's supposed to be used when an issuer has multiple signing keys.

The AKI does not need to be a key identifier. It can also be the { Issuer DN, Serial Number } pair of the issuer's certificate.

Jeff
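The AKI-as-lookup-hint point made above, as an added demonstration that is not part of the thread or of OpenSSL itself: two issuers share one Issuer DN but hold different keys, the leaf's AKI keyid equals the real issuer's SKI, and `openssl verify` (the signature check) is what accepts or rejects the chain. It assumes OpenSSL 1.1.1 or later on PATH; every name and key is constructed in a temporary directory.

```shell
#!/bin/sh
# Added demo, not from the thread: a tiny two-level PKI plus a second issuer
# that reuses the Issuer DN with a different key. The AKI keyid is only a lookup
# hint (it equals the issuer's SKI); the signature check in `openssl verify`
# is the decision. Assumes OpenSSL 1.1.1+ on PATH; all names/keys constructed.
set -e
WORK=$(mktemp -d)
cd "$WORK"
cat > ca.cnf <<'EOF'
[req]
distinguished_name = dn
x509_extensions = ca_ext
[dn]
[ca_ext]
basicConstraints = critical, CA:TRUE
subjectKeyIdentifier = hash
EOF
# Leaf AKI carries both forms mentioned in the thread: keyid and { Issuer DN, serial }.
cat > leaf.ext <<'EOF'
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always, issuer:always
EOF

gen_issuer() {  # $1 = key file, $2 = cert file; both issuers get the same DN
  openssl req -x509 -config ca.cnf -newkey ec -pkeyopt ec_paramgen_curve:P-256 \
    -nodes -keyout "$1" -out "$2" -days 2 -subj "/CN=Demo Issuer" 2>/dev/null
}
gen_issuer ca.key ca.pem        # the real issuer
gen_issuer other.key other.pem  # same name, different signing key

openssl req -new -config ca.cnf -newkey ec -pkeyopt ec_paramgen_curve:P-256 \
  -nodes -keyout leaf.key -out leaf.csr -subj "/CN=leaf.example" 2>/dev/null
openssl x509 -req -in leaf.csr -CA ca.pem -CAkey ca.key -CAcreateserial \
  -days 1 -extfile leaf.ext -out leaf.pem 2>/dev/null

# Hex key id on the line after a given extension header in `x509 -text`
# (SKI method `hash` is SHA-1, so 20 colon-separated bytes).
ext_keyid() {  # $1 = cert, $2 = "Subject Key Identifier" or "Authority Key Identifier"
  openssl x509 -in "$1" -noout -text |
    awk -v ext="$2" 'hit { print; exit } index($0, ext) { hit = 1 }' |
    grep -oE '([0-9A-F]{2}:){19}[0-9A-F]{2}'
}
# Chain building and signature check; the exit status is the real answer.
verify_chain() { openssl verify -CAfile "$1" "$2" >/dev/null 2>&1; }

echo "leaf AKI keyid: $(ext_keyid leaf.pem 'Authority Key Identifier')"
echo "issuer SKI    : $(ext_keyid ca.pem 'Subject Key Identifier')"
verify_chain ca.pem leaf.pem && echo "verify against ca.pem: OK"
verify_chain other.pem leaf.pem || echo "verify against other.pem: rejected (same DN, wrong key)"
```

Printing `openssl x509 -in leaf.pem -noout -text` also shows the `DirName`/`serial` lines under the AKI, the { Issuer DN, Serial Number } form the reply mentions.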