To All- I'm new to the list and beginning to explore OpenSSL. Because of an interest in PGP and PK encryption in general, I began to look at X.509s. To ease their creation, OpenSSL was suggested and a series of batch files were written to organize that effort and make it as painless as possible. I make no pretense at being a programmer, but have placed those files in a group calling them "Personal PKI Toolkit". - http://home.earthlink.net/~johnridgecook/Personal_PKI_Toolkit.html
These are at an "Alpha" stage but quite usable on the average Windows platform. At present they are in 3 groups- A)A Root-User hierarchy, suitable for use by a small office or family who need the ability to securely communicate. The resulting certificates can be imported to work/school mainline email clients for S/MIME or personal machines and various VPN programs. In a small business environment, they would provide the necessary elements for having a secure website, email, file transfers, or VPN.if the Root Certificate can be distributed and accepted with confidence. B)A Root-Intermediary-User hierarchy for a full fledged Certificate Authority. Here one could have a Root, signing multiple authenticating Intermediaries (Europe, Asia, North America-or-Accounting, Sales, Management.) who then signs Users under those particular Intermediaries. C) An end User certificate request for submission to an existing Certificate Authority. This request can be of whatever key size and contain whatever data you wish. When the signed certificate is returned, it can be combined with its private key and converted to .p12/,pfx format for import into Internet Explorer, Mozilla/Netscape, PGP, and any other program that uses X.509 certs. Testing of certificates with sizes up to +16k have found them compatible with Mozilla, IE, various versions of PGP, GPG, 2k server, etc... Are they complete? No, I'm sure we have missed some things and refinement of extensions is necessary; but its a start . Any "newbie" like myself might find them useful Yours- Ridge Cook -- ---PGP Key 0x43537711--- Personal PKI Toolkit-Alpha http://home.earthlink.net/~johnridgecook/Personal_PKI_Toolkit.html ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
