Hi,
We are designing a Web-bases application that will use client
certificates as an alternate possibility of authentification. There seem to be
xxx options.
First, we could create our own CA and assign the users self-generated
certificates. This has the drawback that the user get all those warning dialogs
(our user will most likely be the non-technical, easy-to-panic type).
Another possibility would be to have them get certificates from, say,
thawte. We would map those certificates to our internal database. Downside: the
users will have to go to another server they possibly know nothing about.
Remember that they are most likely non-technical people.
This leads to the third version, of which I don't know if it is
possible at all. Does any of the well-known root-CA's assign "intermediate"
certificates, allowing us to create client certificates without "shocking" the
users with the warning dialogs?
I would be most grateful for any further versions to consider.
Regards,
Hakan
--
Hakan Tandogan [EMAIL PROTECTED]
ICONSULT Tandogan - Egerer GbR Tel.: +49-9131-9047-0
Memelstrasse 38 - D-91052 Erlangen Fax.: +49-9131-9047-77
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
