Dr Stephen Henson schrieb: > > Holger Reif wrote: > > > > BUT: only one CSP signed by everybody and his dog can be > > loaded at any given time since the replacement NSAKEY is > > different for every provider. > > Eh? > > This need not be the case. Users could include their own keypair as > NSAKEY and then sign whatever CSPs they want to accept themselves. Yes, but only one CSP at each time unless both use the same replacement key. > Disabling the CSP check is another possibility. I wasn'T aware that this is that easy... -- Holger Reif Tel.: +49 361 74707-0 SmartRing GmbH Fax.: +49 361 7470720 Europaplatz 5 [EMAIL PROTECTED] D-99091 Erfurt WWW.SmartRing.de ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]