Re: [OpenCA-Devel] bp: postproc_cert

Wed, 04 Aug 2004 08:09:03 -0700

Michael Bell schrieb: 
Michael Konietzka wrote:

Hi
within the bp there is a function "postproc_cert" defined which triggers if the state
is "enrolled_cert". In the normal workflow there is no state "enrolled_cert" neither is
there a bp/lib/postproc_cert.sub.

What it is this good for? Did I miss something? 


I planned the following state transition (with enrolled_):

pin --> pkcs12 --> cert --> postproc_cert

First enroll the PIN. Second rollout of the PKCS#12 (or better key and cert) to the user. Finally rollout of the cert (to the infrastructure). After the last step we can do something with the cert. Therefore we planned postproc cert. You can place it for example in a newsletter. enroll_cert is focussed on OpenCA and postproc_cert is focussed on the customer.

More or less when we finished enroll_pkcs12 and then there was some silence around. Perhaps Oli knows what the actual plan is. 

Hm,
i just wrote a create_p12_mail.sub and the appropriate state/functions
to generate a email with the attached p12. This email-text is stored
in $p12filename".mail".

There is some work to do for organize the email.
I think i will create a mail-Directory in bp/dataexchange
where the generated emails should be stored.

In my szenario (dual-key-Usage) i will add the PIN to this email
and encrypt the email with the already issued signature-certificate
of the user.
I have done this already with little scripts, but i
need a little advice or guide how to integrate the dual-key-concept
into OpenCA, so this will be maybe official part of OpenCA later.

Regards
 Michael

--
Dipl.-Inform. Michael Konietzka  Schlund + Partner AG
- Development UNIX -             Brauerstraße 48
    Webservices                  D-76135 Karlsuhe
http://www.schlund.de/           Germany


-------------------------------------------------------
This SF.Net email is sponsored by OSTG. Have you noticed the changes on
Linux.com, ITManagersJournal and NewsForge in the past few weeks? Now,
one more big change to announce. We are now OSTG- Open Source Technology
Group. Come see the changes on the new OSTG site. www.ostg.com
_______________________________________________
OpenCA-Devel mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-devel

Reply via email to