Chuck Okerstrom wrote: > or even tell me what parameters of the > cert generation itself are critical to this whole process? Oh dear, and here I was trying to be nice to people.
The PKCS certificates are used for one purpose, and one purpose only. As a standard way of storing the public key. They are not tested for any validity (by rsyncrypto) beyond that, at all. They can have whatever name you want, be signed, unsigned or self signed, and can even be expired for all rsyncrypto cares. The only thing that matters is the public key stored in them. > If I'd > incorrectly specified the cert generation parameters would it still > work, but maybe not optimally? > No. If it has the right key, it will work. If it hasn't, it won't. The only reason PKCS certificates were used at all was that there is no other standard way to store a public key. Hope that quieten your concerns. Shachar ------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone _______________________________________________ Rsyncrypto-devel mailing list Rsyncrypto-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rsyncrypto-devel