[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-core-devel
Subject: Re: Root Certificate integration of DFN-PCA
From: Michael Matz <matz () kde ! org>
Date: 2002-02-22 0:41:41
[Download RAW message or body]
Hi,
On Thu, 21 Feb 2002, George Staikos wrote:
> > not really :-) You can import any signer into netscapes cert7.db without
> > interference of lawyers, simply via the browser interface, no difference to
> > KDE. The instructions on how to do so are on display at the DFN-PCAs
> > handbook to OpenSSL, which is very complete and has been a great help for
> > me in the past.
>
> You can do that with konqueror too. But we aren't shipping it in there
> already. Otherwise I think it would be nice for me to create my own CA and
> put it in there too, right?
This would go against reasonability. Btw. now I must ask for the actual
behaviour: for konqui is the goodness of a certain certificate only
dependend on the actual presence of a cert chain up to a root cert, or
does it also depend on _which_ root cert it got (i.e. on which tree in the
trust semiforest it hangs). I would prefer the latter, and if that's so,
then I actually have nothing against you creating your own CA and
including it. Nobody besides you is going to use it to sign/cert
anything, so if I set it to "untrusted" no harm would be done, and
probably no interesting content would be filtered.
Ciao,
Michael.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic