Hi,
On Aug 23, 2008, at 2:08 PM, Dirk Meyer wrote:
Pedro Melo wrote:
On Aug 23, 2008, at 1:18 PM, Jonathan Schleifer wrote:
Am 23.08.2008 um 11:04 schrieb Dirk Meyer:
SAS does not work for me when I use bots. It also reduces it to one
way removing the option of X.509 certificates which is something I
need.
I never said SAS should be the only way, we need multiple ways. I
suggest those:
* SAS with mnemonics
* Fingerprint verification
* CA, but no CA added in the client by default (so the user has to
trust the CA manually, for example useful in a company so you don't
have to verify every co-worker)
Exactly. For bots, I personally would create my own CA and tell those
pesky little devils just to trust certificates signed by that.
Half off-topic: is there an easy way to create a CA and sign keys with
that? The only howtos I found are very complicated, require a password
and stuff like that. I want to have a script 'create-ca' with some
parameter and 'sign' getting a key.
hmms... bundled with openssl there was a CA.pl script. It should be
able to do what you need.
Also check out other freshmeart offers: http://freshmeat.net/search/?
q=certification+authority§ion=projects&Go.x=0&Go.y=0
Best regards,
--
Pedro Melo
Blog: http://www.simplicidade.org/notes/
XMPP ID: [EMAIL PROTECTED]
Use XMPP!
