Hi
Let me qualify even tho I have used OpenCA for a long time, I'm constantly
learning new things (or better ways of doing old things). I'm certainly
not a guru in PKI but hopefully I can answer some of your questions below.
1) Does Open CA support automated certificate issuance (no manual
intervention to be required by an admin) after the end entity is
successfully authenticated by the CA/RA ?
Yes. Either via Batch subsystem or via Auto signing/approving policies.
2) Does it allow creation of dual key pairs (under server side key
generation) ?
Not sure what you mean.
3) Is OpenCA tightly coupled to OpenLDAP or can it use any other directory
servers? More specifically, what is stored in OpenLdap and what is stored
in DBMs ? Incase automated certificate issuance is required where would
the user data reside?
OpenCA provides an LDAP schema. If it can be imported into your particular
LDAP implementation it should work ok.
LDAP stores the public cert and the CRL. Although the database stores the
same thing, there is no protocol in PKI for accessing DB. PKI's usually
use HTTP/S or LDAP calls.
4) Does open ca support signed logging of various auditable logs?
Not sure what you want here. Are you asking do the logs which
administrator did what?
5) What are the certificate management protocols supported and what are
the supported message formats ? Is there an exhaustive list somewhere
which is uptodate.
See the FAQ. http://www.openca.org/~madwolf/
6) Is there any key recovery or key management support inbuilt?
See the FAQ.
7) Does OpenCA support certificate profiles ? is there more
information/howto for the same?
Yes. Again see the FAQ.
This is an e-mail from General Dynamics Land Systems. It is for the intended
recipient only and may contain confidential and privileged information. No one
else may read, print, store, copy, forward or act in reliance on it or its
attachments. If you are not the intended recipient, please return this message
to the sender and delete the message and any attachments from your computer.
Your cooperation is appreciated.
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________
Openca-Users mailing list
Openca-Users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openca-users
