venki wrote:
Thanks a lot for your help. we have one more dump question. As we noted inFirst DH is an algorithm for the keyexchange. So it is not a replacement for RSA. DSA is a little bit more difficult. It is no problem to implement DSA for the CA key (I commited it some minutes ago - genSKey in getParams.js must be translated to spanish).
the OpenCA, it seems RSA is an only algorithm used for all certs( or we are
missing some information) though OpenSSL has option for DSA and DH.
DSA for usercertificates is more difficult and until now I don't know anybody who needs it. If you have prepared PKCS#10 requests then it is no problem but if the keygeneration of the client will be handled by OpenCA then we support only RSA until now.
Michael
--
-------------------------------------------------------------------
Michael Bell Email (private): [EMAIL PROTECTED]
Rechenzentrum - Datacenter Email: [EMAIL PROTECTED]
Humboldt-University of Berlin Tel.: +49 (0)30-2093 2482
Unter den Linden 6 Fax: +49 (0)30-2093 2959
10099 Berlin
Germany http://www.openca.org
-------------------------------------------------------
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com
_______________________________________________
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users
