Michael Bell wrote: > alexandru matei schrieb: > > > Yes. I already mad this. I can send a diff on monday. > > Ok, do it please. > The diff is attached > > > > This is really dangerous because we force everybuddy (not only the RA > > > Operators) to use Netscape. The CRIN-mail is a good idea. > > > > > > > Why is that? Can't we sign from Internet Eplorer? And anyhow, there is a pem > > request also... > > Yes, we cannot sign with IE. If there is somebody who can do this then > we would be really interested. > I'll look into it. No promise to find a answer, though. (IE is a Microsoft product ;-) ) > A new question: If a client want a server certificate but he's unable to make a PKCS#10 request (correct request) how can he obtain one? Because on generic request he can make such request. But when the cert is issued, he can download just the certificate (not the private key associated). I understand there is a good reason for this (else anybody can download it too, and a btute force attack on private key password is possible). How could we overcome this limitation, but preserving the security? I thought that receiving the private key in a encrypted mail can be the answer... ? Alex
lists.diff
Description: application/unknown-content-type-diff_auto_file
