Re: Looking for a simple SSL-CA package

2003-08-26 Thread Jeff
- Original Message - From: Tarjei Huse [EMAIL PROTECTED] To: Noah L. Meyerhans [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Sunday, August 24, 2003 1:51 PM Subject: Re: Looking for a simple SSL-CA package I think I'll end up with pyca (www.pyca.org) as it seems to have most

Re: Looking for a simple SSL-CA package

2003-08-26 Thread Jeff
- Original Message - From: Tarjei Huse [EMAIL PROTECTED] To: Noah L. Meyerhans [EMAIL PROTECTED]; debian-security@lists.debian.org Sent: Sunday, August 24, 2003 1:51 PM Subject: Re: Looking for a simple SSL-CA package I think I'll end up with pyca (www.pyca.org) as it seems to have

Re: Looking for a simple SSL-CA package

2003-08-25 Thread Matt Zimmerman
On Sat, Aug 23, 2003 at 07:38:25PM +0200, Adam ENDRODI wrote: On Fri, Aug 22, 2003 at 01:04:54PM -0400, Matt Zimmerman wrote: On Thu, Aug 21, 2003 at 12:56:30PM +0200, Tarjei Huse wrote: I'm no expert on handling certificates and I hope not having to learn all the commandline

Re: Looking for a simple SSL-CA package

2003-08-25 Thread Matt Zimmerman
On Sat, Aug 23, 2003 at 07:38:25PM +0200, Adam ENDRODI wrote: On Fri, Aug 22, 2003 at 01:04:54PM -0400, Matt Zimmerman wrote: On Thu, Aug 21, 2003 at 12:56:30PM +0200, Tarjei Huse wrote: I'm no expert on handling certificates and I hope not having to learn all the commandline

Re: Looking for a simple SSL-CA package

2003-08-24 Thread Noah L. Meyerhans
On Sat, Aug 23, 2003 at 07:38:25PM +0200, Adam ENDRODI wrote: Perhaps I just misinterpret the terminology, but I've had the impression that every certificate should be signed, so should the root of the tree too. Since they sit at the top of the hierarchy they must be self signed. Am I

Re: Looking for a simple SSL-CA package

2003-08-24 Thread Tarjei Huse
Hi, I'd like to thank all who contributed. If you don't want to run your own certificate authority or pay a commercial one to sign your key, and you don't have a lot of certificates to deal with, you can have each key simply be self-signed, which I believe is what's being recommended here.

Re: Looking for a simple SSL-CA package

2003-08-24 Thread Tarjei Huse
Hi, I'd like to thank all who contributed. If you don't want to run your own certificate authority or pay a commercial one to sign your key, and you don't have a lot of certificates to deal with, you can have each key simply be self-signed, which I believe is what's being recommended here.

Re: Looking for a simple SSL-CA package

2003-08-23 Thread Adam ENDRODI
On Fri, Aug 22, 2003 at 01:04:54PM -0400, Matt Zimmerman wrote: On Thu, Aug 21, 2003 at 12:56:30PM +0200, Tarjei Huse wrote: I'm no expert on handling certificates and I hope not having to learn all the commandline switches of openssl by heart. However, I do need a simple setup of a CA

Re: Looking for a simple SSL-CA package

2003-08-23 Thread Adam ENDRODI
On Fri, Aug 22, 2003 at 01:04:54PM -0400, Matt Zimmerman wrote: On Thu, Aug 21, 2003 at 12:56:30PM +0200, Tarjei Huse wrote: I'm no expert on handling certificates and I hope not having to learn all the commandline switches of openssl by heart. However, I do need a simple setup of a CA

Re: Looking for a simple SSL-CA package

2003-08-23 Thread Noah L. Meyerhans
On Sat, Aug 23, 2003 at 07:38:25PM +0200, Adam ENDRODI wrote: Perhaps I just misinterpret the terminology, but I've had the impression that every certificate should be signed, so should the root of the tree too. Since they sit at the top of the hierarchy they must be self signed. Am I

Re: Looking for a simple SSL-CA package

2003-08-22 Thread Matt Zimmerman
On Thu, Aug 21, 2003 at 12:56:30PM +0200, Tarjei Huse wrote: I'm no expert on handling certificates and I hope not having to learn all the commandline switches of openssl by heart. However, I do need a simple setup of a CA that I may use for creating selfsigned certificates, webpages that

Re: Looking for a simple SSL-CA package

2003-08-22 Thread Matt Zimmerman
On Thu, Aug 21, 2003 at 12:56:30PM +0200, Tarjei Huse wrote: I'm no expert on handling certificates and I hope not having to learn all the commandline switches of openssl by heart. However, I do need a simple setup of a CA that I may use for creating selfsigned certificates, webpages that

Looking for a simple SSL-CA package

2003-08-21 Thread Tarjei Huse
Hi, I'm no expert on handling certificates and I hope not having to learn all the commandline switches of openssl by heart. However, I do need a simple setup of a CA that I may use for creating selfsigned certificates, webpages that clients may use to import the certificates and also a way to

Re: Looking for a simple SSL-CA package

2003-08-21 Thread Adam ENDRODI
On Thu, Aug 21, 2003 at 12:56:30PM +0200, Tarjei Huse wrote: What are the alternatives besides OpenCA? Does anyone know of a set of scipts that are a bit less complex and at the same time gives me some of the same functionality? http://vekoll.saturnus.vein.hu/~borso/ca.tgz You'll find here

Looking for a simple SSL-CA package

2003-08-21 Thread Tarjei Huse
Hi, I'm no expert on handling certificates and I hope not having to learn all the commandline switches of openssl by heart. However, I do need a simple setup of a CA that I may use for creating selfsigned certificates, webpages that clients may use to import the certificates and also a way

Re: Looking for a simple SSL-CA package

2003-08-21 Thread Adam ENDRODI
On Thu, Aug 21, 2003 at 12:56:30PM +0200, Tarjei Huse wrote: What are the alternatives besides OpenCA? Does anyone know of a set of scipts that are a bit less complex and at the same time gives me some of the same functionality? http://vekoll.saturnus.vein.hu/~borso/ca.tgz You'll find here

Re: Looking for a simple SSL-CA package

2003-08-21 Thread Martin Helas
On Don Aug 21, 2003 at 12:5630 +0200, Tarjei Huse [EMAIL PROTECTED] wrote: Hi, I'm no expert on handling certificates and I hope not having to learn all the commandline switches of openssl by heart. However, I do need a simple setup of a CA that I may use for creating selfsigned