Hi folk I believe this is a first, and applicable to people interested in Internet PKI. Thawte has just launched a Chained CA Program, whereby we certify corporate and institutional CA's, delegating authority and the trust inherent in our roots to them. As far as we can tell it's done in a PKIX compliant fashion. http://www.thawte.com/press/ccap.html http://www.thawte.com/certs/chained/ The idea is to delegate trust and authority to subsidiary organisational CA's using cert chaining rules. That lets organisations manage their own PKI using the technology of their choice, but get immediate recognition of their certs from (both ;-) browser/mail clients. Apologies if this lands in your mailbox unnecessarily, but it is directly related to Internet PKI, CA technology and services. -- Mark Shuttleworth Thawte Consulting +-------------------------------------------------------------------------+ | Administrative requests should be sent to [EMAIL PROTECTED] | | List service provided by Open Software Associates, http://www.osa.com/ | +-------------------------------------------------------------------------+
