Hi
>> From: Mike Hoegeman <[EMAIL PROTECTED]>
>> i don't want to sound ungrateful, but that document is useless for
>> someone who wants to learn how to operate the thing. if the
>> openssl people want to get people to start using it, they've *got*
>> to get some decent introductory documentation going.
Well, there is a big hole as far as introductory documentation to the
work of X.509/PKIX digital certificates go, but it's not as easy as
installing the MP3 player. In the old PGP there was a long
ramble by Mr. Zimmerman about security [maybe it's still there]. In
the compilation and usage docs he repeatedly directed people toward
this document *before* compiling and using the software.
You see, security is a lot more than software. And a CA is part of a
security infrastructure instead of an amusement [well, it can be
amusing, if you are really without outside interests ...]. Also, there
is a programming library that comes with the distribution, and
programmers can read and understand code [well, they *should* be able
to read and understand code].
So it's not trying to be anything other than a tool set. And it *is*
complicated. Anything that hides that complexity from you is making a
lot of decisions on your behalf. Decisions that you may or may not
agree with.
Also, who are the openssl people?
--
\js
NANCY!! Why is everything RED?!
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
