> QUESTION THREE:
> I am building a CA for real so my root cert better by right the first
> time.
> Given the choice was is better for a root cert:
> A version 1 cert or..
> A version 3 cert with the basic constraints set?
I created a v3 cert with CA:TRUE set. Nothing else. If you do not set
this, NS will refuse to verify stuff.
Jan
--
alive=true
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
