7;t
really be trusted, and any app that does so is broken.
cj
- Original Message -
From: "Jason Haar" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, November 25, 2002 10:06 PM
Subject: Re: Combine certificates into chain
> On Mon, Nov 25, 2002 at 01:
P.S.: What's this talk of attempting an LDAP authentication
when checking a cert's revocation status? Which server do you
try to authenticate to, and who is then looking up the cert in
some CRL? I know LDAP as well as directory schema but can't see
what you are referring to. I'd
Yes, this we use as well.
Using LDAP for the authentication, including certs, allows to forget the
CRL-stuff, if you need it for authentication on a server or portal.
And, compared to CRLs, it is much more real time.
Am 2002-11-25 7:53 Uhr schrieb "Jimi Thompson" unter <[EMAIL PROTECTED]>:
...
>
On Sun, Nov 24, 2002 at 09:29:09PM -0800, Jimi Thompson wrote:
> It is also interesting to note that for practical purposes Certificate
> Revocation Lists are invalid. While they do exist and are part of the
> standard, very few applications are written to take advantage of them.
Once
> a certific
On Sun, Nov 24, 2002 at 09:29:09PM -0800, Jimi Thompson wrote:
> It is also interesting to note that for practical purposes Certificate
> Revocation Lists are invalid. While they do exist and are part of the
> standard, very few applications are written to take advantage of them. Once
> a certifi
So Microsoft, trying to be "clever" again, seems to have fooled
me into thinking the chain could be in the file, whereas
now I know it isn't in my example file and I suspect it can
never be. If anyone can confirm this, I'd be interested.
Sebastian,
This is indeed the case. The
Well, I think I've figured it out by myself now. I found
and read some information about the way Windows verifies
certificates (trying to build a certificate chain with
the certificates from its "trusted" store(s), assigning
preference values to the chains found, and such). It
> I'm curious. You say your CA gave you a PKCS12 file with
> a cert in it, *and* a private key in it? Whose private key
> did they give you? If it's yours, then you've just opened a huge security
> hole by allowing them access to your private key. If it's someone
> else's, can you send it to m
- Original Message -
From: "Sebastian Lisken" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, November 22, 2002 11:45 AM
Subject: Combine certificates into chain
>
> Hi, I have been issued a certificate by a CA. They make a
> .pkcs12 file available with a password for
