Let's have a KPLUG (self-signed) CA KPLUG can/will sign member certs
Possible uses: ************* client-cert authentication at our site for some (future) special access members may exchange certs for similar mutual auth (eg stunnel) nebulus KPLUG membership _status_ benefit ==> what else? there must be something? ==> Brainstorming contributions, please Costs: ***** infrastructure -- CA administrator/-ion, policies/procedures, CRL applicant identification, csr generation and acceptance need config specs for (minimal) csr content & recipe, web form? csr could be accepted at upcoming gpg signing party could accept csr vouched-for (signed) by N members or ?? Open-ended question: ******************* Might there be a future in cross-signing of self-signed CAs like this to establish some kind of trust web? Maybe there already is? (Could be I butchered the terminology?) Regards, ..jim -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-steer
