More on the .Mac/iChat certificate
Andreas Amann has compared the new
He found two interesting things:
- The .Mac/iChat key lacks the ?¢‚Ǩ?ìEmail Address?¢‚Ǩ¬ù field in the ?¢‚Ǩ?ìSubject Name?¢‚Ǩ¬ù section of the key and thus cannot be used for email signing in
Apple Mail like a certificate from Thawte or some other CA. - Towards the bottom of the certificate, in contrast to other certificates, Apple has a section called ‘Extended Key Usage”. Here Apple has nominated the second purpose of the certificate as “email protection”:
From this Andreas suggests that it “looks like Apple still has some plans in the pipeline for later:-)”
You can read more about the .Mac/iChat certificate on the “Apple Root Certificate Authority” section of the Apple web site.
Despite all this, at least one two readers have found that they can sign their emails with their .Mac/iChat certificate.
Does anyone have any further thoughts about, insights into or experience with this?
Tags: Apple Mail, certificate, iChat, macRelated posts
November 4th, 2005 at 3:20 pm
[...] the .Mac/iChat certificate is interesting in a number of ways. See the comments and the entry on “More on the .Mac/iChatcertificate”. [...]
November 4th, 2005 at 4:26 pm
Signing and encrypting is working for all tested .Mac owning accounts on one machine, and now for some but not all of the same accouns on a second machine. It may help to keep all references to .Mac email and AIM accounts in the address book in lower case. /criss
November 28th, 2005 at 1:16 am
[...] Although I couldn’t get it to work, some people like David Dunham were able to use their new iChat digital certificates to sign .Mac emails. And it looked like Apple had future plans to use the certificate for email signatures. [...]