On Wed, May 26, 1999, Travers Waker wrote:
> > > Is it
> > > possible to tag the Global Server ID field of the CA
> > > certificate BEFORE
> > > the certificate is imported into a particular browser's certificate
> > > database? This would make life so much simpler.
>
> > Sure, but then the whole efforts Netscape and Versign made
> > would be useless,
> > of course. So, no, I don't think there will be a trick to tag
> > the stuff
> > before importing it...
> > Ralf S. Engelschall
>
> So, is the tag a Netscape specific thing? (i.e. something Netscape adds to
> the certificate once it has imported it).
Yes, the tag is not part of the CA certificate. It's just a meta flag in the
browsers database which tells the browser that server certs issued by this CA
certificate can trigger the stronger-cipher step-up.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]