> OpenSSL could be more flexible or friendly in its building strategy.

> But that could move into the "which directory" problem rather quickly.

This is kind of interesting. Looking at RFC 5280, section 4.2.1.1 Authority Key Identifier (p. 26):

    The value of the keyIdentifier field SHOULD be derived from the public key used to verify the certificate's signature or a method that generates unique values.

So there's no requirement that the digest of the signer's public key be used in the subject's AKI. It looks like it could be a totally random value. The only requirement is that it's unique.

Now this is odd or at least counter-intuitive: the standard does not require that the Authority Key Identifier in the subject certificate actually match the Subject Key Identifier in the signer. It's not stated and labeled MUST; in fact, it does not appear to be stated. I'm looking at sections 4.2.1.1 Authority Key Identifier and 4.2.1.2 Subject Key Identifier (maybe it's stated elsewhere).

If I am reading things correctly: I think that means OpenSSL is incorrect if it's rejecting a valid path that could be constructed. I have to be careful how I say this since it depends on OpenSSL having the required certificates to construct the path (among other things). But a mismatched AKI is *not* a reason to reject.

Jeff
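An added example, not from this thread or from OpenSSL: it issues a leaf whose AKI is an arbitrary 20-byte value (allowed by the "method that generates unique values" wording quoted above) and asks Go's standard-library crypto/x509 validator to build the path to the CA. That validator locates the issuer by name and checks the signature, so the AKI/SKI mismatch alone does not cause rejection. The CA name, the leaf name and the AKI bytes are constructed for this example.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issueAndVerify builds a CA and a leaf whose AKI is a constructed value that does not equal the CA's
// SKI, then runs path validation on the leaf. It reports whether the AKI really differs and returns the
// validator's error; nil means the chain was accepted. Setup errors are bugs in the example and panic.
func issueAndVerify() (akiDiffers bool, verifyErr error) {
	nb, na := time.Now().Add(-time.Hour), time.Now().Add(time.Hour)
	caKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil { panic(err) }
	caTmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Constructed Test CA"},
		NotBefore: nb, NotAfter: na, KeyUsage: x509.KeyUsageCertSign, BasicConstraintsValid: true, IsCA: true}
	// SubjectKeyId is left empty above: Go derives it by RFC 5280 method (1), SHA-1 of subjectPublicKey.
	caDER, err := x509.CreateCertificate(rand.Reader, caTmpl, caTmpl, &caKey.PublicKey, caKey)
	if err != nil { panic(err) }
	ca, err := x509.ParseCertificate(caDER)
	if err != nil { panic(err) }
	leafKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil { panic(err) }
	// The AKI is 20 constructed bytes with no relation to the CA key, i.e. "a method that generates unique values".
	leafTmpl := &x509.Certificate{SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: "leaf.example.test"},
		NotBefore: nb, NotAfter: na, KeyUsage: x509.KeyUsageDigitalSignature,
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}, AuthorityKeyId: []byte("constructed-akid-01!")}
	// CreateCertificate copies a parent's SKI into the AKI whenever the parent carries one, so sign with a copy
	// of the CA whose SubjectKeyId is cleared; the unmodified CA is what goes into the trust store below.
	signer := *ca
	signer.SubjectKeyId = nil
	leafDER, err := x509.CreateCertificate(rand.Reader, leafTmpl, &signer, &leafKey.PublicKey, caKey)
	if err != nil { panic(err) }
	leaf, err := x509.ParseCertificate(leafDER)
	if err != nil { panic(err) }
	akiDiffers = !bytes.Equal(leaf.AuthorityKeyId, ca.SubjectKeyId)
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	_, verifyErr = leaf.Verify(x509.VerifyOptions{Roots: roots}) // issuer found by name, then signature checked
	return akiDiffers, verifyErr
}

func main() {
	differs, err := issueAndVerify()
	fmt.Printf("AKI differs from CA SKI: %v; path validation error: %v\n", differs, err)
}
```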