> I want to do a commercial client application capable
> to handle https (that is the only purpose to include
> openssl) and I was wondering if it is legal to
> distribute the file that contains the certificates
> that were bundled with Netscape.
I'm not sure I understand what you are looking for. If you're looking
for a
list of root certificates that you might choose to trust, they are widely
and openly available. I'm pretty sure OpenSSL includes one.
> Actyally, can a company X generate their own
> certificates to be used with openssl instead of those?
> I noticed there are some utilities in openssl to
> generate certificates.
What certificates for what purpose? Are you talking about the
ceritificates
a client presents to identify itself? Or are you talking about a default
list of trusted root certificates?
> Sorry if these questions seem trivial to you but I am
> new to openssl and cryptography. I am in Canada.
You could start by telling us in as much detail as possible what it is
you
are trying to do. Telling us what you think you need doesn't help us to help
you.
DS
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
