On Fri, Mar 31, 2000 at 01:57:01PM +0800, Denis J. C. Amparo wrote:
> One thing I noticed about their system is that it requires that the user
> uses Netscape or Lynx probably because only these allow the addition
> of new CAs into the browser. I checked IE 4.0, which I'm using, and
> noticed that it doesn't allow the addition of new CAs. I guess it would
> also
> be a challenge to distribute the would-be local CA site certificates to
> as many people/browsers as possible.
I remember playing with OpenCA (http://www.openca.org) before.
And if I remember correctly I was able to import a new root CA
certificate in both Netscape and IE. IE just needs the
certificate format to be in some specific format (DER I think)
and have the mime type correctly set when you make it available
as a link from your web server. What happens then is when the
user clicks on the link, the browser automagically detects it as
a root certificate and prompts you accordingly. Later
certificates signed by this root CA should be pass the browser's
security check.
Mike
-
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
