Morning/Afternoon/Evening (Delete as applicable) This sort of jumps in and out of topic re: this forum, so apologies if I stray too far, and bear with me .. it all ultimately relates to mail .. honest :)
I wish to use a stand-alone root CA on Win2K, certificated (is there such a word?) through one of the trusted root authorities - Verisign/Thwaite/Entrust. Hanging off this stand-alone root will be subordinate stand-alone's and subordinate Enterprise CA's. The ultimate aim, being able to distinguish between internal/external users from an certificate enrollment perspective, and to use various encryption/signing techniques for transmitting mail. Questions are twofold: 1. Do I have to use DSSTORE to import the certificate from the trusted third-party into the stand-alone Root CA and is the only valid format PKCS#12 ? There is an import button on the Install wizard during the Certsrv installation phase which suggests certs can be brought in from trusted sources. 2. Is the use of certificates in this grandfather/father/child type manner a valid one. btw... any URL's or links to sites concerning PKI and Messaging would be appreciated. Ta muchly, Mylo PS: Has anyone actually done this ? _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]