Nuno Dias wrote:
i think this is not implemented so farHi,
Someone can help with this two questions ? http://www.mail-archive.com/openca-users%40lists.sourceforge.net/msg05438.html http://www.mail-archive.com/openca-users%40lists.sourceforge.net/msg05436.html
The first is mine, the second is from "Gregor Bethlen" but the question is basically the same issue ...
One CA, two RA's, when import certificates from CA, "all" certificates in CA are import to the RA, they have been or not requested from that RA. There is a way to import from CA only certificates from one specific RA ? Thank's
but - thats why its opensource ;o) - change it yourself
(ok the code isn't perfectly documented, so the interaction, which makes it quite havy to get it, but not tooo much..., one just have to look at
some parts which are working with the headers and dataexchange to understand, whats going on)
so if you need this - maybe you can write some code it should be possible - through the request id to find out if a cert is from a certain part of the ca or not and should be 'delivered' or not... since every module hase its own id
so the importing module should check, maybe the exporting but i don't know if this will work so easily... i think the other aproach is simpler to handle...
from the point of security of course the second aproach - so the
exporter from sensetiv data decides - is safer - of course ;o)
but this would mean - to change the node-interface too, since there is only export to lower - which includes all lower nodes...
but i don't have time for such things at the moment... sorry first the verification problems have to be solved
greetings dalini
-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users
