>-----Original Message-----
>From: Karl Denninger [mailto:[EMAIL PROTECTED]]
>Sent: 03 March 2000 15:39
>To: [EMAIL PROTECTED]
>Subject: Re: Certificate questions...
>Hi John,
>On Fri, Mar 03, 2000 at 10:06:19AM -0000, Airey, John wrote:
>> Assuming we are talking about Thawte's server test certificates, they are
>> only for use for one month. Using them helps you to understand how to
>> install a real certificate without running the risk of destroying it (a
very
>> real risk with NT!)
>Not really true. You can set the validity up to 365 days.
Obviously Thawte have changed their policy on test certificates then. I
haven't used one for a while but they are a useful test of their certificate
issuing procedure without running the risk of losing money because you get
your csr wrong.
Just to clarify, with Windows NT it is possible to install a certificate and
private key without actually having a copy of them on disk, AFAIK (although
it would be foolish not to keep a backup, wouldn't it?). If you need to
reinstall NT, then you've lost them!
Like I said, if this isn't a public site you can create your own. All a
certificate does is prove who you are, but if you are only securing data for
internal use, you hopefully know who you are anyway.
This reminds me of a joke.
Descartes was in a restaurant having a meal. The waiter asks him "would you
like to see the wine list, Sir?". He replies "I think not" and promptly
vanishes.
(I never said it was a funny joke).
John
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
