Alexander 'Alfe' Fetke wrote:
> Hi, Goetz Babin-Ebell,
Hello Alexander,
> On Wed, 13 Dec 2000, Goetz Babin-Ebell wrote:
>
> > Alexander 'Alfe' Fetke wrote:
> >
> > > I am not looking for a long-time service but just for a single act of
> > > service: The CA shall have a close look at us to be sure that we are who
> > > we claim to be and then issue a certificate which states that -- nothing
> > > more :-}
> >
> > Yes, commercial CAs do that.
> > But you have to say what you want to do with your certificate.
>
> i understand that.
>
> > I still don't know if you need client certificates
> > for your customer or a server certificate for you.
>
> we will sell our product and do not need anything for ourselves.
> our customers are going to need certificates, and we are trying
> to find out what we can do beforehand for them. our customers
> will run our application which will be both client and server.
> the used protocols will be IIOP over SSL or plain IIOP (but then
> of course without encryption, so this case is not of interest).
>
> we are not planning to issue certificates by ourselves or make
> our customers issue anything.
I think you want:
You have customers.
These customers will need certificates for secure communication.
Every customer has servers and clients.
Servers of one customer communicate only with clients of this customer ?
(The servers are not public...)
You yourself don't want to issue any certficates.
But you want a way to tell the CA:
"I have verified this certificate request, please issue a certificate."
You want to become a RA.
You are asking for a PKI.
And this is more than yust one time verify and go...
By
Goetz
--
Goetz Babin-Ebell, TC TrustCenter GmbH, http://www.trustcenter.de
Sonninstr. 24-28, 20097 Hamburg, Germany
Tel.: +49-(0)40 80 80 26 -0, Fax: +49-(0)40 80 80 26 -126
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
