Re: [Openca-Users] six cuestions

Fri, 18 Jul 2003 03:28:46 -0700

pedro wrote:
1-Today in I gave which would be the form but strong to implement OpenCA in linux, and on which database? 

If I get your question right, we have support for many different databases
to work as backend for certificate and data storage. We support BerkeleyDB
for file-based oriented (usually this is the choice for simple CAs where
you won't install a relational database) and relational databases (i.e.
DB2, Postgres, Oracle, MySQL, etc.).

2-Where it is possible to find informacion, but detailed, on the operation of OpenCA, that do not be in Openca-guide....? 

Michael and Chris are working hard on the OpenCA Guide and I guess many
informations are available on the guide. No other documentation is available
at the moment...

... someone wants to write an O'Reilly book about OpenCA ???

3-Someone it did some implementacion with clusters for OpenCA? 

There are many installations of OpenCA but none that I am aware of use
clusters ...

4-As they solved the implentacion of smart card with OpenCA? One must add a module especially in the server? As would be able to have information on the importation or not of the private keys of the certificates of the users? 

Usage for the Smart Cards by the users it is a matter of client software
installation. We have successfully installed PKIs with SC and we found no
big problems.

Simply when requesting the certificate you must have the smart card (reader
and driver) installed and the card already "formatted" (usually by the
software provided together with the driver).

I find the M.U.S.C.L.E. support for SmartCards to be one of the best that
guarantees for interoperability between cards and operating systems. Try
http://www.linuxnet.com.

5-I can find in internet information on as functions the client of mail outlook express and digital sign? Someone it has algun link specify? 

Outlook as well as Mozilla (best) / Netscape e-mail clients have support
for digital signature of messages. You can either use SmartCards (as I am
currently doing) with these clients.

6-Another question! In the procedure of request of the certificate when the client does the request and generates the pair of keys, in the IE remains the private key of the user? where? 

As the request gets generated the public data is sent to the RA/CA for
certificate's issuing while secret data is stored on the client (if you
requested the certificate using the SmartCard than the key is kept on
the card otherwise the key is stored in the client's Hard Disk).

--

C'you,

Massimiliano Pala

--o-------------------------------------------------------------------------
Massimiliano Pala [OpenCA Project Manager]                [EMAIL PROTECTED]
                                                 Tel.:   +39 (0)59  270  094
http://www.openca.org                            Fax:    +39   178  221 8225
http://openca.sourceforge.net                    Mobile: +39 (0)347 7222 365

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Reply via email to