On Tue, Oct 26, 2004, TAYLOR, TIM (CONTRACTOR) wrote:
> >Well this could have been controlled in the certificates themselves by
> >including and extended key usage extension to allow client authentication or
> >email protection. Then a savvy browser wouldn't present the wrong certificate
> >type.
>Well this could have been controlled in the certificates themselves by
>including and extended key usage extension to allow client authentication or
>email protection. Then a savvy browser wouldn't present the wrong certificate
>type.
I have noticed that the cert I don't want to show up has the f
Sent: Monday, October 25, 2004 1:57 PM
To: [EMAIL PROTECTED]
Subject: Re: Certificate Request Control
On Mon, Oct 25, 2004, TAYLOR, TIM (CONTRACTOR) wrote:
> Thanks for the response, Dr Henson. I have tried taking the Root CA hash link out of
> my SSLCACertificatePath and do get the c
On Mon, Oct 25, 2004, TAYLOR, TIM (CONTRACTOR) wrote:
> Thanks for the response, Dr Henson. I have tried taking the Root CA hash link out of
> my SSLCACertificatePath and do get the correct prompt for the identity cert only,
> however SSL seems to then use this list of certs for finding the trus
o" my trusted roots list. I suppose there is no way to
discretely define the two lists?
regards,
tt
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Dr. Stephen Henson
Sent: Friday, October 22, 2004 6:42 PM
To: [EMAIL PROTECTED]
Subject: Re: Certifica
On Fri, Oct 22, 2004, TAYLOR, TIM (CONTRACTOR) wrote:
> I have a situation where my trusted root has two different kinds of intermediate CAs
> (identity and email, say) that issue identity and email signing certificates,
> respectively. I would like to only allow users to authenticate to my Apac
