Silviu VLASCEANU wrote:
Hello,
I am developing an application which also has some CA functions. The
application knows the public key, KpC, of a client which has a priori
proven to this app the possession of KpC through an out-of-band mean.
Therefore, when the application "calls" the CA functionality to generate
the client's certificate, it should not need to provide the
Proof-of-Possession of KpC by the client.
My question is which are the steps to be taken by the application, in
order to have a certificate generated for KpC, without providing any PoP
to the CA?
Any comments are welcome. Thank you in advance for your answer!
I have the same queasy feeling upon reading this as I would
a request for instructions on how to remove one's own appendix.
The only advice I can offer is: don't.
- M
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]