Hi,
I am planning the PKI for E-Mail-Certs.
These certs should be used for Digital Signatures and Encryption in E-Mails.
One of the reuirements is some kind of key backup to gain access to the encrypted documents, even when a user (employee in this case) looses his key.
I red a little about the dual-key-modell: One key-pair for digital-signing and one key-pair for decryption.
In my PKI the user should generate the key for signing in his browser and the keypair for decrypting is generated by the PKI, so this keypair can be backuped and restored if needed.
The user should do enter his data once and he gets a x509-cert for his signing cert and a pkcs12 for his decrypting cert.
How can I do this with OpenCA, if?
Best regards Michael -- Dipl.-Inform. Michael Konietzka Schlund + Partner AG
------------------------------------------------------- This SF.Net email is sponsored by: SourceForge.net Broadband Sign-up now for SourceForge Broadband and get the fastest 6.0/768 connection for only $19.95/mo for the first 3 months! http://ads.osdn.com/?ad_id=2562&alloc_id=6184&op=click _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
