Massimiliano Pala schrieb: > > Michael Bell wrote: > > > It's very easy - the user decide what he want and it is it's own risk. > > All leading commercial systems are online-CAs. > > This is no argument. Most national law systems require the CAs to be > disconnected to be recognized as a valid CSP. Also online-CAs is to be > avoided, absolutely.
No, it's an economical problem and OpenCA should be used by normal companies too. Online-CA vs. offline-CA is not only a question of security it's a question of rentability too. Onlne-CAs are often much more cheaper (TCO) because nobody must move physically to the CA. Several systems give the RA Operator the rights to handle the hole issuing process by himself (see Baltimore and Entrust which have ITSec E3 and Common Criteria EAL3). Michael -- ------------------------------------------------------------------- Michael Bell Email (private): [EMAIL PROTECTED] Rechenzentrum - Datacenter Email: [EMAIL PROTECTED] Humboldt-University of Berlin Tel.: +49 (0)30-2093 2482 Unter den Linden 6 Fax: +49 (0)30-2093 2959 10099 Berlin Germany [OpenCA Core Developer] http://openca.sourceforge.net _______________________________________________ OpenCA-Devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-devel
