Notes ID file - Key Identifier

hcl-bot · April 14, 2003, 6:26am

Do anyone know how to calculate or retrieve the Notes ID file key identifier?

In Notes Client,

File->Security->User Security

Then Your Identity->Your Certificate

For example,

Key: 1M6WF 81SR2 7ASPQ VTZQU 2PKB3 F341E

Thank you very much!

hcl-bot · April 14, 2003, 9:47am

Subject: Notes ID file - Key Identifier

This is a MD5 or SHA1 checksum of a certificate - I don´t think you can easily calculate that fingerprint by yourself What do you want to achive?

-Urban

hcl-bot · April 14, 2003, 11:23pm

Subject: RE: Notes ID file - Key Identifier

This is also my guess.

If it is MD5, it is 128 bit.

(128/4 = 32 hex digits)

If it is SHA1, it is 160 bit.

(160/4 = 40 hex digits)

According to the example,

1M6WF 81SR2 7ASPQ VTZQU 2PKB3 F341E

it is 5*6 = 30 digits

it is using 0-10, A-Z (by observation),

Each digit 36 combinations => 5 bit information.

5 bit * 30 digits = 150 bits

So, no clue on the calculation and how the encoding is. Any clue?

hcl-bot · April 14, 2003, 11:38pm

Subject: RE: Notes ID file - Key Identifier

In fact, what I am trying to do is to find a unique identifier of a Notes user.

A Notes user name is not unique since this can be re-created by the Certifier.

It seems that the only unique identifier of a user is the public key.

So, I am thinking using the hash of the public key to be the unique identifier.

I did observe that there is a Key Identifier in Notes. So, I am thinking whether I can use it. (instead of creating my own.)

Note: This is related to the implementation of 21 CFR Part 11 compliance.

hcl-bot · April 15, 2003, 4:17am

Subject: RE: Notes ID file - Key Identifier

Interesting question (didn´t know about 21 CFR Part 11). Can´t really help you with the key identifier, as I havent found any documentation about it. As it´s a value hashing the certificate, it might be hard to recalculate it (because the certificate itself consists of several fields like public key, user name, expiration date, name of the issuing authority etc. - maybe more).

You say “A Notes user name is not unique since this can be re-created by the Certifier”. While this is correct of course, I do not see the problem here. If you are talking about uniqueness regarding authentication, you can achieve this with the “compare public key” or “check password” feature; if you are talking about encryption, still no problem, as when recreating the user the private key changes, too. Does that help? (I am afraid not, as I am certain you knew about that already)

-Urban

hcl-bot · April 15, 2003, 10:48pm

Subject: RE: Notes ID file - Key Identifier

Here is the link of the white paper talking about Domino and the Part 11.

http://www-10.lotus.com/ldd/__8525665C005450AD.nsf/0/37D30C0D58F0BD8C85256CB8004DF477?Open

hcl-bot · April 16, 2003, 3:09am

Subject: Interesting, thank you (re: Notes ID file - Key Identifier)