Julio Sánchez Fernández wrote: > What I would like is better support for running N CAs at the same time. > I currently run one root CA and 4 subordinate CAs for different purposes > and I am thinking of running more (I am thinking of having highly automated > CAs that can issue short-lived certificates to be used in emergencies and > such).
If you want to use several CAs you should completely isolate them from eachother. We can try to automate the exchange between PKIs in a hierarchy but we should never share any software between different PKIs. (e.g. perhaps you need different versions for different CAs in the future because of different features) We don't make plans actually about thinks like Baltimore's (TM) policy-roll-over or policyeditor. We try actually to define a good structure for the basic installation of a single PKI to come closer to a version 1.0. The version 0.9 should define the final structure of the 1.0. Michael ------------------------------------------------------------------- Michael Bell Email (private): [EMAIL PROTECTED] Rechenzentrum - Datacenter Email: [EMAIL PROTECTED] Humboldt-University of Berlin Tel.: +49 (0)30-2093 2482 Unter den Linden 6 Fax: +49 (0)30-2093 2959 10099 Berlin Germany [OpenCA Core Developer] http://openca.sourceforge.net _______________________________________________ OpenCA-Devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-devel
