Re: [Openca-Users] Is PIN code stored in RA or CA database?

[dalini]

Manolo G�mez wrote:
This behaviour is OK for user requests, but has nosense for server
requests because in that case  the encpryted pair of keys and also a
CSR has already benn generated in the server. Why is needed to give a
PIN code? Is it used?  Is it stored anywhere? Can I use it later for
any kind of authentication?
exactly it can be used for authentication purposes
at the registration node interface there is a option
called: verify pin, where an ra-operator may have the
ability to verify the request (basicaly it opens a extra window, where 
one can submit the pin two times - as password input fields, so its 
asterixed)

for example: the requester has to go to the ra operator and provide his 
pin in a webform - the openca-system then will compare the request pin 
against the provided password and tell the ra-operator if they match or 
not (he won't see it, only if he follows the fingers on the keyboard of 
the person ;)

so it may be possible, that a workflow requests that serveradmins show 
up at the pki help desk to confirm there request... and this will work 
with that option

available only in 0.9.2 series
greetings
dalini
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95&alloc_id396&op=click
_______________________________________________
Openca-Users mailing list
Openca-Users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openca-users