Hello, I am developing an application which also has some CA functions. The application knows the public key, KpC, of a client which has a priori proven to this app the possession of KpC through an out-of-band mean. Therefore, when the application "calls" the CA functionality to generate the client's certificate, it should not need to provide the Proof-of-Possession of KpC by the client.
My question is which are the steps to be taken by the application, in order to have a certificate generated for KpC, without providing any PoP to the CA? Any comments are welcome. Thank you in advance for your answer! -- Silviu +33 625 17 51 81 ______________________________ Think twice before printing this page. Do you really need it?
