That makes sense Thanks
Konrad -----Original Message----- From: Massimiliano Pala [mailto:massimiliano.p...@dartmouth.edu] Sent: 01 September 2010 20:59 To: Users' Help and Suggestions Subject: Re: [Openca-Users] key compromise when approving CSR with existing key Hello Konrad, As Dave said, it is best practice not to re-use keypairs for different purposes. Also, it might be difficult to manage revokation. For example, if a key is compromised, then all the certificates issued with the corresponding public key have to be revoked. This could be difficult to achieve in some environments. Later, Max On 09/01/2010 12:14 PM, Konrad Kehrer wrote: > Hi all, > > Can anyone explain why it is treated as a key compromise if more than > one certificates would be issued that all were generated using > > the same private key? > > A user might need a certificate for e.g. EAP-TLS access and later > another one to access a web application - why is it necessary to > generate a new private/public key in that case? ------------------------------------------------------------------------------ This SF.net Dev2Dev email is sponsored by: Show off your parallel programming skills. Enter the Intel(R) Threading Challenge 2010. http://p.sf.net/sfu/intel-thread-sfd _______________________________________________ Openca-Users mailing list Openca-Users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openca-users
