bonny joy wrote:
> hi friends
>
> I need to know what what is the purpose of peer certificates what do we
> mean by that.
>
> If i get a certificate from a webserver.what trust i should give for
> that .is the trust is peer.
>
> These are the trust options given by the code
>
> p Valid peer
> P Trusted peer (implies p)
> c Valid CA
> T Trusted CA to issue client certificates (implies c)
> C Trusted CA to issue server certificates (SSL only)
> (implies c)
> u Certificate can be used for authentication or signing
> w Send warning (use with other attributes to include a warning when
> the certificate is used in that context)
>
>
> in the trust options if i give -c
> what does that mean.why not it is a superset of "TC".
"c" is a subset of "C".
"c" --> { valid CA }
"C" --> { valid CA, trusted CA }
likewise:
"p" --> { valid peer }
"P" --> { valid peer, trusted peer }
A peer cert is a non-CA cert. A server cert would be a peer cert.
-Ian
