You can do this, using tools w/OpenSSL to generate "generic" _server_
certificates (you can also generate client certificates, but that's not
what I think you meant or want). Encryption restrictions apply only for
exchange of data, not on identification (which is what the keys of the
cert are for), as far as I know. Export restrictions would then affect
exchange of the data by restricting the size of your SSL session key, I
believe.
Michael
"Li, John" wrote:
>
> We have been running a https site and a department about 30 persons to
> access it. We just want to use a generic client certificate to authenticate
> people from that department. And we can do it technically by importing that
> certificate for the whole department into everyone's workstation, but is
> that legal or not? Could anyone give me any advice? Thanks a lot.
>
> John Li
> (905)475-5504
> [EMAIL PROTECTED]
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
