since the approveCSR seemes to switch directly to the status APPROVED_REQUEST?
so what would we need? a config parameter which defines the number of required signatures
checking how many already there set the status to SIGNED_REQUEST or keep this one till enough signatures are there?
or did i miss something? ;o) didn't find any hints in the current documentation nor the code visiting...
i'm just asking, since the option is present at the menu structure, but somehow i can't use it...
- would it be possible to define some roles or even certificates
at ra/ca level, which are allowed to sign? i mean at ra level it should working through rbac definitions
- but an kind of automatic verification at the ca against defined roles or single certs (through there serial numbers for example) would be fine, so the ca-operator can not just see - there is a valid signature, in terms of, can be verified and has to be checked manually...
- i think it would be very usful to see - cert is valid and is allowed to sign... so mistakes are easier avoidable at the ca-level and the operation gets simplified, i think
greetings dalini
------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _______________________________________________ OpenCA-Devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-devel
