Hi, As the certificate keys are generated by the scripts in the browsers it may be stupid, however how could the RA verify that the requester is in the possession of the private key corresponding to the public key in the request? Couldn't the request be signed by the private key immediately, so that the RA would be able to verify it using the public key?
Best regards, Jozsef -- E-mail : [EMAIL PROTECTED], [EMAIL PROTECTED] PGP key: http://www.kfki.hu/~kadlec/pgp_public_key.txt Address: KFKI Research Institute for Particle and Nuclear Physics H-1525 Budapest 114, POB. 49, Hungary ------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
