I have seen this Certificate Discussion goin on too long. SO I am also interested to know more about it, All I know is what a CA is. Also I donot know, why is OPenssl being given so much importance for certificate?? and how do I use this certificate if I have it? (just give me practical details, thinking that I am on a linux machine connected to internet, and what commands I type so that my CA is put on net etc..) Thanks
On Tue, 14 May 2002 Erwann ABALEA wrote : >On 15 May 2002, Franck Martin wrote: > > > Because openssl is broken when handling smime and I need to >know from > > expert people what client works and how good it is when >handling > > certificates created by openssl.. > >Do you have an example of such S/MIME mail that can't be handled >correctly >by OpenSSL? > >BTW: there's really no difference between a certificate created >by OpenSSL >and one created by a classic certificate vendor (such as >VeriSign, Thawte, >or any other). The only important things are what you put in >your >certificates, and for what purposes the Root CA is trusted in >your client >software. > > > Moreover, I need to know what client is doing what. It seems >that some > > clients make some internet connection to verify >certificates... > >Yes, if the certificate that the client would like to verify >contains for >example a CRLDistributionPoint extension, then the client >software needs >to grab the CRL pointed by this extension, and validate the >certificate >based on this CRL. > >Same if the client software tries to validate the certificate by >asking an >OCSP responder. > > > What the use of having openssl if you can't use it, on a wide >range of > > platforms. > >OpenSSL can now be considered mature, and works perfectly on a >very wide >platform range. > > > On Tue, 2002-05-14 at 08:51, Erwann ABALEA wrote: > > > > On Tue, 14 May 2002, Franck Martin wrote: > > > > +AD4 I can tell you, now it works... > > +AD4 > > +AD4 What about your configurastion? > > > > +AFs-snip+AF0 > > > > Why are you testing your stuff on the OpenSSL-Users >mailing list? Can't > > you create your own mailing list for that purpose? Why >sending unnecessary > > emails to everybody for something that doesn't even >concern OpenSSL? > > > > Please think next time. > >-- >Erwann ABALEA <[EMAIL PROTECTED]> - RSA PGP Key ID: >0x2D0EABD5 >----- >ha bon donc dés qu'on ose faire la promotion de l'annonymitée >on >deviens un criminel >et un filtre de plus >-+- Y63 in: GNU - Faf, con, trouillard et fier de l'être -+- > > >______________________________________________________________________ >OpenSSL Project >http://www.openssl.org >User Support Mailing List >[EMAIL PROTECTED] >Automated List Manager >[EMAIL PROTECTED] _________________________________________________________ Click below to visit monsterindia.com and review jobs in India or Abroad http://monsterindia.rediff.com/jobs ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
