My question is about the nescape browser, especially how it does
security relevant work. I tried to use openssl to develop a certificate
chain. I have three testing CAs, a root and two sub-CAs(B
and C) which are both signed by the root CA. Then I tried to have two
clients, say John and Mary, communicate with each other through encrypted
mail. John has a cert sighed by B, and Mary has a cert signed by C.
root CA
/ \
CA B CA C
/ \
John's cert Mary's cert
The result is that the Netscape messenger cannot verify the certs. I did a
few experiments, and guessed that that is because the messenger does not send
the whole cert chain with the mail, instead only the leaf cert is attached
with the encryped mail. BTW: I'm using Communicator 4.7. So does the
browser support cert-chain? I will be grateful if anyone can help me with
this question or point me to some technical source.
Thanks.
Hazel
______________________________________________
Miss Yuhang Gao
CERNET Regional Network Center,
Dept. of Computer Sci. & Eng.
Southeast University,
Nanjing 210096,
P.R.China
Tel: +86-25-3794342 ext 211
Fax: +86-25-3614842
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
