lst_hoe02(a)kwsoft.de wrote:
As said in theory this "yellow pages" are already available but i have
found only one (meta-directory) so far at ldap://directory.bridge-ca.org.
At least in germany every CA providing services like "qualifizierte
elektronische Signatur" should have one too, but i have not found one yet.
But it would be nice to build some kind of caching certificate directory
that interfaces with other directories. The main advantage of this is
that a client only need one interface to query multiple directories.
Djigzo, or any other S/MIME solution, can then query the server for
certificates.
Some comercial solutions already does something like that. It could be
as simple as do an LDAP query i guess. Uploading our own certificates
would be more difficult as it normaly require that you are subscribed of
some sort at the provider.
Yes but that's why it would be nice to have our own directory that
allows others to upload their certificates.
Martijn
ยทยทยท
--
Djigzo open source email encryption
Zitat von Martijn Brinkers <martijn(a)djigzo.com>:
lst_hoe02(a)kwsoft.de wrote:
As said in theory this "yellow pages" are already available but i have
found only one (meta-directory) so far at ldap://directory.bridge-ca.org.
At least in germany every CA providing services like "qualifizierte
elektronische Signatur" should have one too, but i have not found one yet.
But it would be nice to build some kind of caching certificate directory
that interfaces with other directories. The main advantage of this is
that a client only need one interface to query multiple directories.
Have i got it right that you plan to operate some sort of LDAP
directory as "cache" for numerous others like
ldap://directory.bridge-ca.org and others?
If Djigzo get really widely used this can get expensive i guess...
Djigzo, or any other S/MIME solution, can then query the server for
certificates.
Some comercial solutions already does something like that. It could be
as simple as do an LDAP query i guess. Uploading our own certificates
would be more difficult as it normaly require that you are subscribed of
some sort at the provider.
Yes but that's why it would be nice to have our own directory that
allows others to upload their certificates.
Hm, it would not be that security sensitive as the Djigzo instances do
the querys should still check if the certificates which they get are
valid, so one could start with some sort of VPS with around
10Euro/month as server.
But the main question would be how to get the certificates in the store.
Regards
Andreas