On 10/19/2011 6:10 AM, Mohan Radhakrishnan wrote:
Hi,
Is there any material available that shows flows of one-way/two-ssl
and different types of CA architectures ? We use two-way SSL and
generate CSR’s and update expired certificates and we are aware of the
basic points.
I am not sure what you mean by "one-way" SSL.
The current SSL versions (those later than SSL3) are called TLS and are
specified in much detail in internet RFCs (http://www.rfc-editor.org or any
of their many mirror sites).
SSL does not deal with CSRs at all, those are used for CA operations
and obtaining certificates, in which case you should be looking at the
X.509 standards (from ITU) and the PKIX standards (also specified in
RFCs, see above).
I have browsed the NIST website.
NIST generally refers to the public/industry standards (see above) for
certificate and SSL/TLS operations, but do occasionally issue
documents that specify the required/permitted sets of options,
algorithms, key sizes etc. for Government work.
P.S.
Your standard e-mail disclaimer needs to be different for "public
unofficial messages", such as mailing list postings.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [email protected]
