I want to thank to all the people that has commented on this.
I want to analyze all that you have written before asking you more
questions, especially the kerberos and PKI comments.
I will then surely get back to you with more questions :)
Martín Coco wrote:
> Hi,
>
> We're in the process of de
On Fri, Nov 24, 2006 at 12:10:27PM +0100, Michael Str?der wrote:
> > Intra-organizational problems in this space
> > are much better addressed by Kerberos, not PKI.
>
> I fail to see why.
- Because the off-line (no on-line oracle, instead a CA issuing long-lived
credentials) certificate model pr
Victor Duchovni wrote:
> On Thu, Nov 23, 2006 at 06:46:23PM -0300, Mart?n Coco wrote:
>
>>My main goal is to design a PKI for our server infrastructure (ldaps,
>>https, mail, vpn, etc.) The problem is that, for example, when reading
>>the mentioned book, all the examples are based on people, but n
On Thu, Nov 23, 2006 at 06:46:23PM -0300, Mart?n Coco wrote:
> My main goal is to design a PKI for our server infrastructure (ldaps,
> https, mail, vpn, etc.) The problem is that, for example, when reading
> the mentioned book, all the examples are based on people, but not on
> systems or services
Martín Coco wrote:
Hi,
[...]
I've been reading the man for OpenSSL, this mailing list, and also
acquired the book "Planning for PKI".
I've not read the book. Maybe I can nevertheless give you some helpful
hints.
My main goal is to design a PKI for our server infrastructure (ldaps,
https, ma
Hi Martin:
On Thursday 23 November 2006 16:46, Martín Coco wrote:
> Hi,
>
> We're in the process of designing a PKI infrastracture for our company,
> and I have a couple of design questions about it. I know this is an
> OpenSSL mailing list, but it seems a right place to discuss this. If
> it's no
Hi,
We're in the process of designing a PKI infrastracture for our company,
and I have a couple of design questions about it. I know this is an
OpenSSL mailing list, but it seems a right place to discuss this. If
it's not, I'll appreciate if you can hand me some links to a more proper
place.
I've
