> > This leads to the third version, of which I don't know if it is
> >possible at all. Does any of the well-known root-CA's assign "intermediate"
> >certificates, allowing us to create client certificates without "shocking"
> the
> >users with the warning dialogs?
>
>
> I think the answer is yes. You can be your own CA but not a root CA.
This is not true, I'm afraid.
Cheers,
Stefan.
______________________________________________________________________________
Stefan Kelm PGP key: "finger [EMAIL PROTECTED]" or via key server
DFN-PCA <[EMAIL PROTECTED]>
Vogt-Koelln-Str. 30 http://www.pca.dfn.de/~kelm/
22527 Hamburg (Germany) Tel: +49 40 428 83-2262 / Fax: -2241
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
