Damn previous post should have been under the CA's/PKI subject header, not NDR's (was content)....
Apologies Mylo >This sort of jumps in and out of topic re: this forum, so apologies if I stray too >far, and bear with me .. it all >ultimately relates to mail .. honest :) >I wish to use a stand-alone root CA on Win2K, certificated (is there such a word?) >through one of the trusted root >authorities - Verisign/Thwaite/Entrust. >Hanging off this stand-alone root will be subordinate stand-alone's and subordinate >Enterprise CA's. The ultimate >aim, being able to distinguish between >internal/external users from an certificate enrollment perspective, and to >use >various encryption/signing techniques for transmitting mail. >Questions are twofold: >1. Do I have to use DSSTORE to import the certificate from the trusted third-party >into the stand-alone Root CA >and is the only valid format PKCS#12 ? There is an import button on the Install >wizard during the Certsrv >installation phase which suggests certs can be brought in from trusted sources. >2. Is the use of certificates in this grandfather/father/child type manner a valid >one. >btw... any URL's or links to sites concerning PKI and Messaging would be appreciated. >Ta muchly, >Mylo >PS: Has anyone actually done this ? _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
