Sorry, I mean certificate in the client site, it is personal certificate. We
do authentication bi-directly.
BTW, can OpenSSL work with IIS?
John Li
(905)475-5504
[EMAIL PROTECTED]
> -----Original Message-----
> From: Michael Batchelder [SMTP:[EMAIL PROTECTED]]
> Sent: Monday, December 11, 2000 12:49 PM
> To: Li, John
> Cc: [EMAIL PROTECTED]
> Subject: Re: Where can I found regulation about digit certificate?
>
> You can do this, using tools w/OpenSSL to generate "generic" _server_
> certificates (you can also generate client certificates, but that's not
> what I think you meant or want). Encryption restrictions apply only for
> exchange of data, not on identification (which is what the keys of the
> cert are for), as far as I know. Export restrictions would then affect
> exchange of the data by restricting the size of your SSL session key, I
> believe.
>
> Michael
>
>
> "Li, John" wrote:
> >
> > We have been running a https site and a department about 30 persons to
> > access it. We just want to use a generic client certificate to
> authenticate
> > people from that department. And we can do it technically by importing
> that
> > certificate for the whole department into everyone's workstation, but is
> > that legal or not? Could anyone give me any advice? Thanks a lot.
> >
> > John Li
> > (905)475-5504
> > [EMAIL PROTECTED]
> >
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
